GRAS - Global Risk Assessment Services

DevSecOps Engineer, CI/CD Security Implementation – Freelancer

part-time

Location Type: Remote

Location: Germany


About the role

You will be writing YAML, configuring tools, and committing code:

  • SAST (Static Application Security Testing)
      • Integrate SonarQube into GitHub Actions for code quality and security scanning
      • Configure quality gates and security rules for Python, R, and PHP codebases
      • Set up branch analysis and PR decoration
  • Dependency Scanning & SCA
      • Implement Snyk for dependency vulnerability scanning in CI pipelines
      • Configure Snyk for Python, R, and PHP projects
      • Set up automated fix PRs and vulnerability tracking
      • Integrate Snyk with GitHub for continuous monitoring
  • Container Image Security
      • Configure AWS ECR Enhanced Scanning for container images
      • Set up ECR scan-on-push and routing of findings to Security Hub
      • Create Dockerfile security best practices and base image guidelines
  • Secret Scanning & Management
      • Configure GitHub secret scanning and push protection
      • Implement pre-commit hooks
      • Set up AWS Secrets Manager integration patterns for applications
  • Security Gates & Pipeline Governance
      • Create security gates that block deployments on critical/high findings
      • Configure severity thresholds and exception workflows
      • Document all configurations as ISO 27001 audit evidence

Requirements

You must have hands-on implementation experience with:

  • GitHub Actions: writing and maintaining complex workflows
  • SonarQube: setup, configuration, quality gates, CI integration
  • Snyk: dependency scanning, GitHub integration, fix automation
  • Container scanning: ECR scanning or similar tools
  • AWS: ECR, Security Hub, Secrets Manager
  • Python: enough to understand and review Python code for security

Nice to Have

  • DAST implementation (OWASP ZAP automation)
  • ISO 27001 compliance documentation experience
  • AWS GuardDuty and Inspector configuration
  • GitHub Advanced Security features
  • AWS Certified Security – Specialty

Benefits

  • Remote work and flexible working hours
  • Competitive compensation
  • Professional onboarding to help you have an ideal start with us
  • Being part of a meaningful mission toward a more sustainable future
  • The opportunity to work independently