SecDevOps Engineer
PIN-UP Global is an international holding specializing in the development and implementation of advanced technologies, B2B solutions and innovative products for the iGaming industry. We provide certification and licensing of our products, providing customers and partners of the holding with high-quality and reliable solutions.
We are looking for a SecDevOps Engineer to join our team!
Requirements:
- Experience: Minimum of 3 years in DevSecOps or related fields;
- Cloud Proficiency: In-depth knowledge of cloud platforms (AWS, Azure, GCP) and experience with automation tools;
- Security Expertise: Strong understanding of security principles and hands-on experience implementing security measures in cloud environments;
- Vulnerability Management: Familiarity with vulnerability scanning tools and methodologies;
- Containerization: Experience with Docker and Kubernetes for container management and orchestration;
- Problem-Solving Skills: Excellent analytical abilities and capability to work independently and collaboratively within a team.
Will be plus:
- Experience with CI/CD Pipelines: (e.g., Jenkins, GitLab CI, GitHub Actions) with security integrations (SAST, DAST);
- Participation in security incident response (e.g., using SIEM tools like Splunk or ELK) or post-mortem analysis;
- Writing scripts (Python, Bash) to automate vulnerability scanning or monitoring;
Soft Skills:
- Explaining complex security concepts to technical teams;
- Working effectively with DevOps, developers, and managers to integrate security practices;
- Quickly resolving vulnerabilities while balancing release speed and security;
- Willingness to learn new tools and methodologies in a fast-changing environment.
Responsibilities:
- Automation Scripting: Develop and maintain scripts using Python, Bash, Ansible, and Terraform to enhance operational efficiency;
- Security Integration in CI/CD: Embed security practices into CI/CD pipelines, implementing tools and methodologies such as SAST, DAST, SCA, and secret detection;
- Vulnerability Assessment: Conduct regular vulnerability scans utilizing tools like Sysdig, Falco, and Trivy, and provide actionable remediation recommendations;
- Compliance and Auditing: Ensure cloud environments adhere to security standards and regulatory requirements, including ISO 27001 and best practices for AWS, Azure, and GCP;
- Infrastructure Management: Oversee and maintain the stability and security of services within cloud infrastructures.
Our Stack:
- Cloud: AWS, GCP;
- Containerization: Kubernetes, Docker;
- CI/CD: GitLab CI;
- Containers: Docker, basic Kubernetes knowledge;
- Languages: Python, Bash, Go, JavaScript;
- IaC: Ansible, Terraform;
- GitOps: ArgoCD;
- Scanning tools: Trivy, Checkov etc;
- Vault: HashiCorp Vault, AWS Secrets Manager.
Our benefits to you:
🍀An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more;
🤝Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed;
👨🏻💻Modern corporate equipment based on macOS or Windows and additional equipment are provided;
🏖️Paid vacations, sick leave, personal events days, days off;
💵Referral program — enjoy cooperation with your colleagues and get the bonus;
📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences;
🎯Rewards program for mentoring and coaching colleagues;
🗣️Free internal English courses;
🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, PIN-UP clubs for movie / book / pets lovers and more;
🎳Other benefits could be added based on your location.