DevSecOps Engineer

A DevSecOps Engineer is responsible for integrating security practices into the entire software development lifecycle, ensuring that applications, infrastructure, and operations are secure by design. This role blends development, operations, and security expertise to maintain high-availability systems while proactively managing security risks and compliance requirements.

Responsibilities

Security Integration in CI/CD: Embed security checks, vulnerability scanning, and automated compliance tests into CI/CD pipelines

Infrastructure Security: Implement secure cloud and on-premises infrastructure using best practices for access control, encryption, and network segmentation

Container & Kubernetes Security: Manage and harden containerized environments, including image scanning, runtime protection, and pod security policies

Monitoring & Incident Response: Use observability tools to monitor systems for security threats, respond to incidents, and implement continuous improvements

Collaboration & Education: Work closely with developers, SREs, and QA teams to ensure security-first development practices, provide guidance on secure coding, and conduct threat modeling

Compliance & Governance: Ensure systems and processes comply with standards like ISO27001, SOC 2, GDPR, NIST, and maintain audit readiness

Requirements

Strong knowledge of cloud platforms (AWS, GCP, Azure) and their security services

Proficiency in scripting/programming (Python, Bash, Go, TypeScript)

Experience with CI/CD tools (GitLab, Jenkins, CircleCI) and integrating security into pipelines

Hands-on experience with Kubernetes, Docker, and container security tools (Trivy, Clair, Anchore)

Familiarity with infrastructure as code (Terraform, Pulumi) and securing IaC workflows

Understanding of network security, identity and access management, secrets management (Vault, AWS Secrets Manager)

Knowledge of monitoring and logging tools (Prometheus, Grafana, OpenTelemetry) for security observability

Nice to Have

Experience in penetration testing, red teaming, or security audits

Knowledge of zero-trust architectures and microservices security patterns

Experience with security automation frameworks and policy-as-code tools

Experience or strong interest in Web3 and crypto technologies, including blockchain-based data systems or decentralized applications

Certifications such as CISSP, CISM, AWS Security Specialty, or GCP Professional Security Engineer

Benefits

Learning support - courses, English classes, and conferences (up to 100% reimbursement)

Unique loyalty program - receive corporate digital miners and earn passive income with no investment

Team culture: retreats in international locations (for example, company apartments in Cyprus)

Memorable events with wow prizes - we celebrate big occasions in a big way

"Employee of the Month" award - we recognize and reward our top performers

Paid leave: up to 28 vacation days + 8 company holidays + 5 personal days per year

New career tracks - real opportunities to grow into expert or top management roles

Work-life fit - flexible hours and remote work. You don't need to chase balance - here, work is a part of life, not the opposite. We aim to make work inspiring, not exhausting. For us, results matter most