DevSecOps Engineer

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a DevSecOps Engineer in Germany.

This is an exciting opportunity for a security-focused engineer to contribute to the development of secure, scalable, and automated cloud infrastructure within a fast-growing international technology environment. In this role, you will work at the intersection of security, development, and operations, helping integrate security best practices into modern engineering workflows and CI/CD pipelines. You will collaborate closely with cross-functional teams to strengthen infrastructure security, automate vulnerability detection, and improve system resilience across cloud-native environments.

The position offers exposure to cutting-edge DevSecOps practices, infrastructure automation, and large-scale distributed systems in a fully remote and collaborative culture. This role is ideal for professionals passionate about security automation, cloud technologies, and building reliable systems that support global products and users.

Accountabilities

• Design, implement, and maintain automated security tools and processes integrated into CI/CD pipelines.
• Develop and manage security automation workflows, including static code analysis, vulnerability scanning, and infrastructure security assessments.
• Collaborate with infrastructure and operations teams to design secure cloud architectures, deployment processes, and network configurations.
• Implement and maintain security monitoring, intrusion detection, logging, and observability solutions to proactively identify and respond to threats.
• Support the implementation of secure access controls, encryption mechanisms, firewall configurations, and web application firewall (WAF) policies.
• Work closely with development, operations, and security teams to embed security requirements throughout the software development lifecycle.
• Conduct infrastructure and configuration reviews to identify and remediate security vulnerabilities and compliance gaps.
• Assist with security audits, compliance assessments, and documentation processes related to industry standards and regulatory requirements.
• Contribute to incident response planning, risk assessments, and continuous improvement of security practices across engineering environments.

Requirements

• Minimum 3 years of experience in Security, SecOps, or DevSecOps roles within modern engineering environments.
• Hands-on experience identifying and remediating infrastructure misconfigurations using policy-as-code and IaC security scanning tools such as Checkov, tfsec, or Terrascan.
• Knowledge of cloud infrastructure, CI/CD pipelines, infrastructure automation, and containerized environments such as Docker and Kubernetes.
• Basic programming or scripting experience with JavaScript, TypeScript, Python, or similar languages.
• Experience managing version control systems and implementing secure deployment workflows.
• Familiarity with WAF and firewall configuration management, including platforms such as Cloudflare or equivalent technologies.
• Strong understanding of security principles, secure coding practices, OWASP Top 10 vulnerabilities, encryption, authentication, and access control.
• Experience with security monitoring tools, SAST/DAST scanners, vulnerability management platforms, and log analysis solutions.
• Knowledge of threat modeling, risk assessment methodologies, vulnerability remediation, and incident response processes.
• Excellent collaboration and communication skills with the ability to work effectively across development, operations, and security teams.
• Relevant security certifications are considered an advantage.

Benefits

• Fully remote work environment with flexibility across supported regions.
• Competitive compensation package with potential stock grant opportunities depending on role and location.
• Access to country-specific perks and employee benefits programs.
• Optional coworking access through WeWork locations.
• Opportunity to work on large-scale global infrastructure and modern cloud-native security environments.
• Exposure to advanced DevSecOps methodologies, automation frameworks, and security technologies.
• Collaborative and inclusive culture focused on innovation, continuous learning, and career growth.
• Opportunity to contribute to products and systems supporting a globally distributed workforce.

How Jobgether Works

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.