Senior DevSecOps Engineer

We are seeking a Senior DevSecOps Engineer who thrives at the intersection of development, security, and operations. This role is ideal for someone who wants to embed security into every step of the software delivery lifecycle, all while driving innovation, automation, and operational excellence.

You will lead by example in architecting secure and scalable DevOps solutions, automating infrastructure, and guiding security-first practices within engineering teams.

Key responsibilities

• CI/CD leadership: Architect, build, and manage end-to-end CI/CD pipelines (primarily with Azure DevOps), embedding automated security scans and compliance checks.
• Container security: Use Docker and Podman to containerize applications, enforce container hardening best practices, and ensure runtime security.
• Cloud Infrastructure: Provision secure, scalable environments in Azure using Terraform, and optimize pipeline performance via ContainerAppJobs and DevOps Managed Pools.
• Secrets Management: Drive company-wide adoption of HashiCorp Vault, guiding teams through integration, usage, and best practices.
• Pipeline security testing: Integrate tools like Fortify and SonarQube to enforce SAST and SCA within CI/CD pipelines.
• Artifact security: Manage SBOM creation, signing, and integrity validation to ensure traceable, auditable releases.
• Vulnerability Management: Use tools like WIZ and DefectDojo to detect and remediate vulnerabilities; help Dev teams build secure-by-design pipelines.
• Automation: Automate deployment and configuration management using Ansible to ensure consistency and reliability across environments.
• Agile & ITIL Alignment: Collaborate with cross-functional teams to align DevSecOps practices with Agile and ITIL processes.

Required qualifications

• Proven experience with Azure DevOps CI/CD pipelines and modern DevOps practices.
• Hands-on knowledge of HashiCorp Vault for secrets management.
• Expertise in containerization technologies: Docker, Podman.
• Experience integrating security scanning tools like Fortify, SonarQube.
• Familiar with WIZ or other CNAPP platforms.
• Solid grasp of OWASP security standards.
• Comfortable operating in Agile and ITIL-based environments.
• Strong problem-solving, troubleshooting, and collaboration skills.
• Able to work independently and take initiative.

Preferred skills

• Expertise in Terraform and Ansible.
• Understanding of regulatory compliance (e.g., ISO 27001, NIST, GDPR) in CI/CD contexts.
• Passion for continuous learning and emerging DevSecOps practices.
• Proactive mindset with the ability to coach and influence technical teams.

Why Join Us?

This role offers the chance to make a real impact in how we build, secure, and deliver our technology. You’ll work alongside smart, motivated professionals who value security, speed, and collaboration.

If you’re ready to raise the bar on how DevSecOps should be done, we want to hear from you.