DevSecOps Engineer
Mindbox Sp. z o.o.
28000 - 33000 PLN / HOUR
Kraków
Kraków, Lesser Poland
Hybrydowa
B2B
DevSecOps
CI/CD
Groovy
Python
Jenkins
Maven
SonarQube
supply-chain security
performance tuning
cloud experience
Status
Hexjobs Insights
Stanowisko: DevSecOps Engineer. Zakres obowiązków: projektowanie i utrzymanie kroków pipeline, optymalizacja wydajności, mentoring. Wymagania: 7+ lat doświadczenia, biegłość w Jenkins i Groovy.
Słowa kluczowe
DevSecOps
CI/CD
Groovy
Python
Jenkins
Maven
SonarQube
supply-chain security
performance tuning
cloud experience
Benefity
- Elastyczny model współpracy – wybierz najlepszą dla siebie formę (B2B, umowa o pracę itp.)
- Hybrydowy model pracy – 6 dni w miesiącu w biurze (Kraków)
- Kultura współpracy zespołowej – praca z doświadczonymi profesjonalistami
- Dostęp do platform szkoleniowych i możliwości rozwoju
- Kompleksowe benefity – w tym opieka zdrowotna Interpolska, karta Multisport, ubezpieczenie Warta
- Wysokiej jakości sprzęt – laptop i niezbędne oprogramowanie
Technologies we use
About the project
Your responsibilities
- Design and maintain Groovy pipeline steps (build, test, package, scan, deploy)
- Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation
- Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch)
- Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling)
- Refactor legacy scripts (remove global state, consolidate hashing, standardize templates)
- Document ci-config.yaml standards and usage patterns
- Mentor engineers on secure pipeline development and supply-chain practices
- Troubleshoot and prevent pipeline incidents
- Note: Detailed project information will be shared during the recruitment process.
Our requirements
- 7+ years of engineering experience; 3+ years in CI/CD platform or DevSecOps
- Strong Jenkins + Groovy shared library expertise
- Advanced Python automation (JSON/YAML processing, tooling scripts)
- Deep knowledge of Maven/NPM/Python packaging; exposure to Helm/Terraform and container image metadata
- Supply-chain security (SLSA, CycloneDX SBOM, digests)
- Experience with SonarQube, Sonatype IQ, container and SAST scanning
- Proven performance tuning (caching, parallelization, dependency pruning)
- Compliance awareness
Optional
- Artifact signing / attestations (cosign, OCI)
- Terraform module and Helm chart publishing patterns
- GitOps or release automation experience
- GCP/AWS cloud experience
This is how we organize our work
This is how we work
This is how we work on a project
What we offer
- Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
- Hybrid work setup – 6 days per month in the office (Kraków)
- Collaborative team culture – work alongside experienced professionals eager to share knowledge
- Continuous development – access to training platforms and growth opportunities
- Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
- High quality equipment – laptop and essential software provided
Benefits
Wyświetlenia: 6
| Opublikowana | 18 dni temu |
| Wygasa | za 12 dni |
| Rodzaj umowy | B2B |
| Tryb pracy | Hybrydowa |
| Źródło |    |
Podobne oferty, które mogą Cię zainteresować
Na podstawie "DevSecOps Engineer"
Nie znaleziono ofert, spróbuj zmienić kryteria wyszukiwania.