DevOps Engineer

DevSecOps Engineer

Contract: Deta-vast (Temp-to-perm)

Start: ASAP

Location: mostly remote (once per 2/3 weeks in Antwerp, time-to-time in Amstelveen)

Language: Dutch

As a DevSecOps Engineer, you will collaborate with our team of engineers and architects to enhance the integration of security practices within our CI/CD tooling and DevOps processes.

Your role will be crucial in ensuring that security is embedded at every stage of the development lifecycle while supporting our DevOps teams in delivering secure products to our clients.

You will engage with various toolsets to automate and secure our infrastructure and deployments.

Work Environment:

• You will be part of a collaborative team managing development tools for this project.
• Effective communication with development teams will be a key aspect of the role.

Responsibilities:

• Automation & Security: Develop and maintain scripts to automate repetitive tasks, streamline secure deployments, and monitor infrastructure health. Utilize industry-standard automation tools (e.g., Ansible, Terraform, Bash, Python) to build secure automation solutions.
• CI/CD Pipeline Implementation: Design, implement, and maintain secure CI/CD pipelines that ensure fast, reliable, and automated software deployment across environments while incorporating security checks and compliance validations.
• Cloud Management: Work with public cloud platforms (Azure) to manage infrastructure, deployments, and system monitoring. Optimize for cost, performance, scalability, and security best practices.
• Collaboration: Collaborate closely with development, QA, and operations teams to define and implement best practices for code deployment, system monitoring, automated testing, and security measures.
• Monitoring & Incident Response: Implement robust monitoring, alerting, and logging systems to ensure high availability, performance, and security of applications.
• Security Best Practices: Ensure adherence to security best practices, including securing secrets, managing user access, conducting regular security assessments, and applying relevant compliance standards (e.g., GDPR, NIS2).

Required Skills:

• Proficient in maintaining and integrating multiple development tools that are part of a CI/CD pipeline, including Kubernetes, SonarQube, RedHat OpenShift, Ansible, etc., particularly within .NET or Java environments.
• Strong knowledge of cloud technologies (IaaS, PaaS, SaaS) with a focus on security implications.
• Extensive experience with automated provisioning tools such as Terraform, Ansible, Puppet, etc.
• Ability to install and configure these tools for both new installations and upgrades, with a security-first mindset.
• Experience supporting team colleagues and advising clients on best security practices.
• Familiarity with linking tools and using REST APIs to set up further integration and automation between tools.
• Experience with API security, including knowledge of Kong API gateway, is a significant plus.
• Eagerness to learn new technologies and a proactive approach to diving into new security tools and practices.