CI/CD Engineer – Security & Compliance

Interval Group

DevSecOps Platform Engineer designing and automating secure DevOps architectures. Integrate security tooling and observability into CI/CD pipelines within a cloud-native environment.

Posted 5/11/2026contractRemote • 🇩🇪 GermanyMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

CloudGoogle Cloud PlatformGrafanaKubernetesPrometheusTerraform

About the role

Key responsibilities & impact

Design, implement, and maintain robust infrastructure solutions while ensuring the highest standards of integrity, confidentiality, and system availability.
Focus on empowering engineering teams by exposing security tools through self-service interfaces and automating complex compliance workflows.
Central role in optimising continuous integration and delivery across a diverse service landscape.
Analyse program requirements to design secure, scalable architectures that address complex integration and compliance needs.
Develop and configure CI/CD pipelines featuring built-in security scanning, compliance checks, and automated validation.
Implement secure configurations, access controls, and encryption for repositories, systems, and deployment workflows.
Automate infrastructure provisioning and management using tools such as Terraform or OpenTofu.
Design user-friendly self-service interfaces and APIs to allow developers to access security tools seamlessly.
Drive automation efforts for the generation and validation of Software Bill of Materials (SBOMs) and KBOMs during build processes.
Conduct continuous vulnerability management, risk assessments, and threat modelling to identify and mitigate potential weaknesses.
Maintain system availability through disaster recovery planning, incident response, and routine audits of system logs and user access.
Create comprehensive documentation, including step-by-step guides, architecture diagrams, and FAQs for internal and external stakeholders.
Collaborate with cross-functional teams to resolve issues, implement new features, and ensure systems run optimally under data protection requirements.

Requirements

What you’ll need

Proven experience implementing end-to-end DevSecOps practices and embedding security controls into platform layers.
Extensive hands-on experience designing, operating, and troubleshooting large-scale Kubernetes platforms, including deep knowledge of CNI, RBAC, and admission controllers.
Strong proficiency with GitOps workflows using Argo CD or FluxCD in production environments.
Direct experience with Infrastructure-as-Code (IaC) using Terraform or OpenTofu.
Hands-on expertise with Google Cloud Platform, specifically GKE operations, IAM workload identity, and VPC networking.
Operational experience with artifact registries such as Harbor and security tooling like Trivy, Dependency-Track, or DefectDojo.
Solid understanding of software supply chain security, including artifact signing, provenance, and SBOM standards like CycloneDX.
Advanced experience building observability stacks centered around Prometheus and Grafana, including custom security-focused dashboards.
Strong background in operating and scaling GitLab architectures for large CI workloads.
Deep understanding of encryption mechanisms, asymmetric cryptography, and PKI.

Benefits

Comp & perks

Flexible working hours
Freedom to choose your own projects
Access to exciting projects in various industries
Support for advancing your career
Competitive pay
Dedicated team assistance

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

DevSecOpsKubernetesGitOpsTerraformOpenTofuGoogle Cloud PlatformGKEartifact registriesobservability stacksencryption mechanisms

Soft Skills

collaborationproblem-solvingdocumentationcommunicationrisk assessment