DevSecOps Engineer @ Antal

• 7+ years of engineering experience, including 3+ years in CI/CD platform development or DevSecOps.
• Strong expertise in Jenkins and Groovy Shared Libraries.
• Advanced proficiency in Python (automation, tooling scripts, JSON/YAML processing).
• Deep understanding of Maven / NPM / Python packaging; exposure to Helm/Terraform and container image metadata.
• Strong background in supply-chain security (SLSA, CycloneDX SBOM, digests).
• Experience with SonarQube, Sonatype IQ, container scanning, and SAST tools.
• Proven performance tuning skills (caching, parallelization, dependency pruning).
• Awareness of compliance standards and enterprise governance.

Nice-to-Have

• Experience with artifact signing / attestations (cosign, OCI).
• Familiarity with publishing Terraform modules and Helm charts.
• GitOps or release automation experience.
• Cloud experience (GCP or AWS).

Soft Skills

• Clear and precise communication.
• Strong documentation discipline.
• Ownership mindset; able to operate independently with minimal supervision.

Senior DevSecOps / CI/CD Engineer

Contract type: B2B / Contracting
Work model: Hybrid – 2 days per week on-site (Kraków)
Industry: Banking / FinTech
Rate: 200–220 PLN/h (B2B)

Role Overview

We are looking for a highly experienced Senior DevSecOps / CI/CD Engineer to join a platform engineering team supporting a major banking client. The role focuses on designing, building, and maintaining secure, efficient CI/CD pipelines and improving the organization’s software supply-chain security posture.

You will work on pipeline optimization, Python tooling, artifact integrity, security scanning, and mentoring engineers on DevSecOps best practices.

,[Design and maintain Groovy-based pipeline steps (build, test, package, scan, deploy)., Extend Python tooling for SLSA provenance, SBOM generation, digest/hash accuracy, and aggregated security scanning (SonarQube, Sonatype IQ, SAST/Container)., Optimize pipeline performance (parallel builds, caching, reduced-scope BOMs, dependency prefetch)., Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible builds, evidence modeling)., Refactor legacy scripts: remove global state, unify hashing logic, standardize templates., Create and maintain documentation for ci-config.yaml standards and usage patterns., Mentor engineers on secure pipeline development and supply-chain security practices., Troubleshoot and prevent incidents in CI/CD pipelines.] Requirements: DevSecOps, CI/CD, Jenkins, Groovy Shared Libraries, Python, Maven, npm, Helm, Terraform, SonarQube, Sonatype IQ, Container Scanning, SAST, Communication skills, Documentation writing, Cosign, OCI, Terraform modules, Helm charts, GCP, AWS

Kategorie

devops

Odpovědět na inzerát