MARGO

Senior DevSecOps Engineer

full-time

Location Type: Remote

Location: Poland

Salary

💰 PLN 220 - PLN 250 per hour

About the role

  • Design, implement, and maintain security testing tools within our CI/CD pipelines (GitLab CI).
  • Review and tune our Mend.io deployment: SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) tools to catch vulnerabilities before deployment.
  • Ensure "fail-fast" mechanisms are in place so developers receive immediate feedback on security regressions.
  • Lead Threat Modeling workshops with engineering teams during the design phase of new features.
  • Advocate for "Security by Design" principles, helping developers understand potential attack vectors and mitigation strategies.
  • Review Infrastructure as Code (Terraform) templates to ensure secure cloud provisioning.
  • Review and optimize the current SIEM (Security Information and Event Management) implementation.
  • Evaluate log ingestion strategies to ensure we are capturing the right data without noise.
  • Develop and refine correlation rules and alerts to detect anomalies, intrusions, or policy violations effectively.
  • Act as a subject matter expert for developers, providing guidance on remediation of security findings.
  • Assist in maintaining compliance with industry standards (e.g., SOC2, ISO 27001, GDPR) through automated controls and evidence gathering.

Requirements

  • 3-5+ years in DevOps, Security Engineering, or a related field.
  • Previous background in software development.
  • Strong experience with CI/CD tools (GitLab, CircleCI, GitHub Actions) and containerization (Docker/Kubernetes).
  • Experience with infrastructure as code tooling: Terraform, Pulumi, CloudFormation.
  • Proficiency in Python, Go, or Bash for automation.
  • Hands-on experience implementing tools like Mend.io, Snyk.
  • Experience managing or configuring SIEM platforms (e.g., Splunk, ELK Stack, Datadog Security, Sumo Logic).
  • Solid understanding of AWS security services (IAM, VPC, GuardDuty, Security Hub, etc.).
  • Nice to have: Experience with "Policy as Code" tools (e.g., OPA, Open Policy Agent).
  • Certifications such as CISSP, CCSP, or AWS/Azure Security Specialist.
Applicant Tracking System Keywords

Hard Skills & Tools
security testing tools, SAST, DAST, SCA, Infrastructure as Code, Terraform, Python, Go, Bash, AWS security services
Soft Skills
leadership, advocacy, communication, collaboration, problem-solving
Certifications
CISSP, CCSP, AWS Security Specialist, Azure Security Specialist