DevSecOps Engineer, CI/CD Security Implementation
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
DevSecOps Engineer responsible for implementing security measures and quality checks in CI/CD pipelines. Join ISCC to contribute to sustainable supply chains and climate mitigation.
Responsibilities:
- You will be writing YAML, configuring tools, and committing code
- SAST – Static Application Security Testing - Integrate SonarQube into GitHub Actions for code quality and security scanning
- Configure quality gates and security rules for Python, R, and PHP codebases
- Set up branch analysis and PR decoration
- Implement Snyk for dependency vulnerability scanning in CI pipelines
- Configure Snyk for Python, R, and PHP projects
- Set up automated fix PRs and vulnerability tracking
- Integrate Snyk with GitHub for continuous monitoring
- Configure AWS ECR Enhanced Scanning for container images
- Set up ECR scan-on-push and findings routing to Security Hub
- Create Dockerfile security best practices and base image guidelines
- Configure GitHub secret scanning and push protection
- Implement pre-commit hooks
- Set up AWS Secrets Manager integration patterns for applications
- Create security gates that block deployments on critical/high findings
- Configure severity thresholds and exception workflows
- Document all configurations for ISO 27001 audit evidence
Requirements:
- GitHub Actions: writing and maintaining complex workflows
- SonarQube: setup, configuration, quality gates, CI integration
- Snyk: dependency scanning, GitHub integration, fix automation
- Container scanning: ECR scanning, or similar tools
- AWS: ECR, Security Hub, Secrets Manager
- Python: enough to understand and review Python code for security
- Nice to Have
- DAST implementation (OWASP ZAP automation)
- ISO 27001 compliance documentation experience
- AWS GuardDuty and Inspector configuration
- GitHub Advanced Security features
- AWS Certified Security – Specialty
Benefits:
- Remote work and flexible working hours
- Competitive compensation
- Professional onboarding to help you have an ideal start with us
- Being part of a meaningful mission to a more sustainable future
- The opportunity to work independently
Similar Jobs
DevSecOps Engineer, CI/CD Security Implementation – Freelancer
DevSecOps Engineer responsible for writing YAML and configuring CI/CD security tools. Join an international team focused on sustainable practices and security best practices.
DevOps / Platform Engineering Lead
DevOps/Platform Engineering Lead handling platform reliability and security for MAIA's AI systems. Overseeing infrastructure, CI/CD pipelines, and observability for a fast-growing AI platform.
DevSecOps Mentor
DevSecOps Mentor & Specialist at Developer Akademie focusing on creating secure learning platforms. Support learners in becoming DevSecOps experts while developing software solutions.
DevOps Engineer – m/f/d
DevOps Engineer responsible for Azure Cloud Container environments at coeo, transforming On-Premise to Azure-Cloud for modern applications. Monitoring system performance and stability with CI/CD deployment.
DevSecOps Mentor
DevSecOps Mentor supporting participants in education programs at Developer Akademie. Collaborate on infrastructure and software development as part of a growing e-learning start-up.
Staff SRE Engineer – Platform
Staff SRE Engineer managing Kubernetes clusters and cloud infrastructure for Phantom's crypto wallet product. Supporting system reliability, performance, and collaboration with multiple teams.
Staff DevOps Engineer
Staff DevOps Engineer creating and delivering DevOps and MLOps solutions at TRIMEDX. Engaging with multiple teams to ensure scalable delivery environments and technical standards.
Site Reliability Engineer
Site Reliability Engineer for White Hat Gaming overseeing system reliability and streamlining development pipelines using automation tools. Supporting Linux servers and databases for a dynamic iGaming platform.
Senior Infrastructure/Site Reliability Engineer, SRE
SRE ensuring reliability across a multi-region cloud-native platform for AI risk management. Architecting infrastructure and improving performance while mentoring engineering teams.
Senior DevOps / DevEx Engineer
Senior DevOps/DevEx Engineer responsible for building internal development tools at RevenueCat. Collaborating with a global remote team across diverse geographic locations.
Senior Infrastructure/Site Reliability Engineer (SRE)
Experienced Site Reliability Engineer working with advanced AI Risk Decisioning™ Platform. Leading initiatives to enhance platform reliability and mentor engineers in a cutting-edge team.
Senior SRE
SRE role at Invillia focusing on cloud infrastructure and service lifecycle management. Engage in crisis resolution and enhance technology solutions for a global team.
DevOps Engineer – Full Remote
DevOps Engineer supporting the digital transformation of the energy sector with modern tools in a fully remote position. Focus on high software quality and collaboration in an agile team.
DevOps Engineer
DevOps Engineer focusing on Azure for an innovative company in water management. Designing scalable cloud infrastructures and CI/CD pipelines to enhance water efficiency through advanced technologies.
Azure DevOps Engineer
DevOps Engineer managing CI/CD pipelines on Azure for a leading technology company. Focusing on modern solutions for digital transformation with responsibilities in automation, monitoring, and infrastructure management.
Intermediate DevOps Engineer, AWS
Intermediate DevOps Engineer responsible for AWS infrastructures and services. Working in a dynamic and growing environment while collaborating on cloud infrastructure projects.
Staff DevOps Engineer
Staff DevOps Engineer leading cloud infrastructure for energy technology company. Driving DevOps best practices and mentoring engineers for scalable and observable software delivery.
DevOps Engineer
AWS Cloud Engineer responsible for designing, implementing, and managing scalable cloud infrastructure on AWS. Collaborate with development teams to support cloud-based applications.
SRE, SPC, CloudOps
Level 2 Site Reliability Engineer responsible for reliability and performance of Azure applications. Collaborative role involving incident management and operational excellence in a cloud environment.
Senior DevOps
DevOps responsible for developing and implementing automation solutions in process. Looking for candidates with a strong background in IT and extensive development experience.