# DevSecOps Engineer (Medior-Senior) — Trialzen
## WHO WE ARE
Trialzen is a Belgium-based company transforming clinical trial supply chain management. Our software combines advanced mathematics with an intuitive design to optimize forecasting, reduce risks, and minimize waste—all while prioritizing patient safety.
We focus on simplifying complexity, enabling teams to work smarter and deliver better outcomes. Joining Trialzen means shaping impactful solutions in a collaborative, forward-thinking environment.
## WHAT YOU WILL DO
This role is for an experienced engineer with a passion for building reliable, secure and well-run platforms in regulated environments. A strong foundation in AWS, infrastructure-as-code and application security is essential. Experience supporting GxP / 21 CFR Part 11 / GDPR / ISO 27001 / SOC 2 workloads is similarly valued but not essential — we can ramp you up on the regulatory side if the technical bar is there.
Above all, we are looking for team members eager to learn, innovate, and take ownership. This is your chance to shape how Trialzen ships, runs and protects a platform that biopharma sponsors rely on to plan clinical drug supply.
Trialzen is currently pursuing ISO 27001 certification and a SOC 2 Type II attestation. You will lead both efforts on the technical side — owning the controls, evidence and audit interface end-to-end — alongside our Head of Engineering and CTO.
## LOCATION
We are based in Lasne, Belgium, and work in a hybrid setup, combining the benefits of in-office collaboration (2-3 days per week) with the flexibility of remote work.
We are looking for candidates within commuting distance to foster teamwork and connection.
## RESPONSIBILITIES
As a DevSecOps Engineer at Trialzen, your work will span infrastructure, delivery, security and compliance. You will:
* Operate and evolve our AWS infrastructure (ECS/Fargate, RDS PostgreSQL, S3, IAM, KMS, Secrets Manager, CloudWatch, VPC, CloudFront/WAF), keeping it reliable, secure and cost-controlled as we scale.
* Own and improve our CI/CD pipelines (Bitbucket Pipelines and AWS CodePipeline) and release process for our Python/Django backend and React front-end, including image build, signing, scanning and progressive deployments.
* Own the security posture end-to-end: identity and access, secrets, network and application security, vulnerability and patch management, dependency and container scanning, SBOMs, and incident response.
* Drive compliance work end-to-end — GDPR, ISO 27001-style controls, GxP / GAMP 5-aligned computer system validation (CSV), 21 CFR Part 11 / EU Annex 11 audit trails and access controls, and SOC 2-style evidence collection — designing controls that protect the platform without slowing engineering down.
* Bring observability, alerting and SLOs to a level where we know about issues before our customers do.
* Plan and run pentests, internal audits and customer security/validation reviews (these come with the territory in pharma), and turn their outputs into a concrete, prioritized backlog.
* Collaborate closely with the engineering team on architecture, design decisions and best practices, especially where reliability, cost, security or auditability is on the line.
* Write and maintain the runbooks, threat models, validation artefacts and policies that make the platform operable, secure and audit-ready by more than one person.
We value initiative and teamwork, so you'll have the opportunity to shape both our platform and our engineering practices.
## KEY REQUIREMENTS
* A Master's or Engineering degree in Computer Science, Information Security, or a related field emphasizing programming and systems thinking.
* At least 5 years of hands-on experience in a DevOps, SRE, Platform or Security Engineering role (or a strong combination of those), with significant time on AWS in production.
* Real production experience with AWS managed at scale through infrastructure-as-code, containers (Docker, ECS/Fargate or EKS) and modern CI/CD.
* Solid application and infrastructure security fundamentals: IAM design (least privilege, scoped roles, SSO), secrets management, network segmentation, application security, vulnerability and patch management, incident handling.
* Comfortable in at least one general-purpose language for tooling and automation (Python or TypeScript preferred given our stack).
* Strong self-drive and eagerness to learn. You excel at communication and are comfortable working in English.
* A problem-solving mindset with a focus on understanding the "why" behind what you're building and delivering the best experience for end-users — including your fellow engineers.
## BONUS POINTS
* Experience supporting regulated SaaS in life sciences, healthtech or fintech, especially through real GxP / GAMP 5 / 21 CFR Part 11 / EU Annex 11 audits or validation campaigns.
* Hands-on experience leading a company through ISO 27001 certification and/or SOC 2 (Type I or Type II) — not just operating inside a certified org, but building the controls and shepherding the audit.
* Deep AWS expertise: well-architected reviews, multi-account org structures with AWS Organizations / Control Tower / SSO, advanced IAM, KMS-based encryption strategies, VPC and PrivateLink designs.
* Experience securing and operating Python/Django + React stacks: ORM-level data access controls, REST API authentication/authorization, secure session and CSRF handling, supply-chain hygiene (pip / npm), CSP and WAF tuning.
* Supply-chain security in practice: SBOMs, signed builds (Sigstore/cosign), dependency and container scanning, secret scanning, branch and deployment policies.
* Experience working in agile development environments (e.g., Scrum, Kanban) and with productivity tools (e.g., Jira).
## LANGUAGES
English fluency is a must.
French and Dutch are nice to have.
## WHAT WE OFFER
* A key role in a growing company, with opportunities to shape our platform and your career.
* Full-time or 4/5 setup, with flexible hours — focus on results, not where or how you work.
* A hybrid work setup, combining in-office collaboration in Lasne with remote flexibility.
* Competitive salary and Belgian benefits package.
* A diverse, collaborative team and an inclusive environment.
* Opportunities for occasional travel.
Interested? Contact us at info@trialzen.com or reach out to me directly on LinkedIn (Cedric Druck).