DevSecOps Engineer (offline)

Project, technologies, team details

For the past four years, we have been developing an ecosystem of e-government products for a foreign client. There are five large platforms and 15 scrum teams developing products based on these platforms.

Each of the platforms is in fact an electronic cabinet with a set of electronic services that allow both citizens and ex-pats to communicate effectively with the state. Hundreds of people use these products every minute and the number of users is only growing.

General application stack that we use on those projects – React, Ruby (roda, RoR), Java, Postgres, MSSQL, RabbitMQ, Redis, ELK stack, Prometheus stack

DevOps tools in general – GitLab CI, Docker, docker-compose, Terraform, Ansible

Other tools – Selenoid, Allure, Sentry, SonarQube, Bash, Python

You will be a DevSecOps Engineer in the DevOps team. The team includes DevOps Architects, Senior, and Middle DevOps Engineers.

Your impact

- Integrate DevSecOps practices on project, implement DevSecOps pipelines, reporting and alerting tools

- Configuring and supporting different types of code scanning such as SCA, SAST for different languages. Configuring DAST.

- Document best practices and and incident response procedures

- Configure and manage scanning processes for Docker images

- Collaborate with developers and solution architects to integrate Security Development Lifecycle

- Establish a flow for developers to track and resolve security issues

- Direct communication with customer Lead DevOps and Solution Architects

- Participate in architecture and roadmap discussions and development

We are looking for someone who

- Knows security principles, practices, and common vulnerabilities, understanding of OWASP

- Hands-on experience with SCA, SAST, DAST tools, and container security solutions

- Experience with scripting languages such as Python / Bash

- Has English at Intermediate level

- Ability to convey complex security concepts to developers and stakeholders, fostering collaboration.

Nice to have

- Experience in Ruby or Java

- Experience with GitLab CI

- Experience integrating security measures into different stages of the SDLC

- Knowledge of securing applications in cloud environments (e.g., AWS, Azure, GCP)

- DevSecOps courses and certifications

Our benefits

- Fully remote

- Flexibility. You will be able to organize your working schedule independently while also engaging in regular meetings for effective collaboration

- 24 days for rest, 10 days for health and well-being

- Compensation for coworking space — up to $150. Unlimited coworking in Lviv, Vinnytsia, and Kharkiv

- Reasonable learning and development opportunities

- Well-adjusted internal knowledge-sharing system

- Referral Bonus: recommend great talent, and get rewarded

- Free professional help from our corporate psychologist

- Free online English lessons

- Sport club membership — compensated partially

- Accounting and legal support for private entrepreneurs

- You can choose Ukraine or Poland public holidays according to your location

- We have booked a hotel in Lviv to support relocation inside Ukraine

- Work on socially important projects in the E-Government niche. Stability

- DevOps Team from Strong Middle to Solution Architect levels. Our DevOps Solution Architect used to work on Facebook and is ready for knowledge-sharing

Recruiting process

Online interview with a recruiter — 20-30 minutes.

Interview with DevOps Team — up to 1-1.5 hours.