• Act as SME in DevSecOps program
  • Support static, dynamic and security awareness services
  • Lead development, maintenance and improvement of detection controls, security reviews, remediation activities and business unit engagements
  • Lead S-SDLC training and guidance on security related issues
  • Drive adoption of embedded application security controls within Software Development Life Cycle (SDLC)
  • Advise on identified vulnerabilities in our applications and cloud environments without jeopardizing product roadmap.
  • Evangelize and coach engineers on secure design & development practices through threat modelling and help remediate findings.
  • Cross pollination of secure development techniques and best practices across engineering tribes.
  • Collaborate across technology and business units and ensure CS initiatives are successfully delivered.
  • Be on-hand to assist colleagues as part of our incident response (Security Operations) process should this be required.

  • Salary: 150-170 PLN/h net + VAT
  • Contract type: B2B contract via Devire
  • Contract duration: long-term contract
  • Location: remote work (occasional visits in Warsaw office)
  • Recruitment process: verification on Devire side + two stages on Client side
  • Equipment: provided by the Client

  • Degree in software development, or other relevant experience.
  • 5+ years of experience as a software developer or DevOps professional.
  • Good English written/verbal communication skill (C1)
  • Ability to manage, prioritize, remediate vulnerabilities like those on the OWASP Top10 list.
  • Excellent knowledge in at least one of the object-orientated programming languages like Java, .NET
  • Experience with AWS & Azure cloud services, especially their security products.
  • Experience with modern technologies like Docker, Kubernetes
  • Experience with automated deployments and containerized application management.
  • Excellent experience creating Operational Awareness through monitoring and alerting solutions.
  • Highly proficient with IaC and Configuration Management tooling (Terraform, Ansible, Puppet, Chef)
  • Strong understanding of CI/CD pipelines (at least 2 years).
  • Strong scripting skills
  • Excellence with version control systems and application lifecycle management (Git / GitHub).
  • A keen interest in continuous professional learning across software engineering, cloud, and application security domains.
  • Working in agile development teams in a fast-paced environment.
  • Excellent inter-personal and communication skills with fluency in English (written & spoken).
  • Experience with supervising and/or mentoring product & platform teams to onboard DevSecOps
  • Cloud-native development and/or experience with other public & hybrid cloud services (AWS, Azure).
  • Hands-on experience with Cloud & Software Security and DevSecOps tooling such as CNAPP, SAST, SCA, DAST
  • Experience with maintaining large-scale and fault-tolerant distributed systems in production.
  • Knowledge of IT security frameworks and standards is required (ISO2700x, CIS Benchmarks, NIST, Well Architecture Frameworks, OWASP SAMM, OWASP  ASVS
  • Have a good understanding of a wide range of technologies, programming languages and application frameworks to identify risks and vulnerabilities.
  • Knowledge and hands-on experience with Application Security reviews, Program Assessments and Maturity Scoring, Vulnerability Assessments, Risk Assessments, SDLC process improvement
  • Experience with one or more ecosystem: SAP, Salesforce, ServiceNow, PLM solution, CRM, Data Management/ BI

Jesteśmy Devire – firmą rekrutacyjną, której celem jest łączenie świetnych ludzi ze świetnymi pracodawcami.

Niezależnie czy rozglądasz się za nową pracą na stałe czy projektem w formie współpracy B2B – możesz polegać na naszym wsparciu na każdym kroku.

Współpracujemy z pracodawcami z terenu całej Polski i realizujemy rekrutacje we wszystkich kluczowych obszarach technologicznych.