CI/CD Engineering – Security & Compliance (DevSecOps / Platform Engineering)
We are supporting a major energy‑sector digital platform initiative focused on enabling engineering and operations teams through a secure, cloud‑native internal developer platform.
We are currently looking for a Senior DevSecOps / Platform Engineer to help design, implement, and operate secure CI/CD and Kubernetes‑based platform services, ensuring compliance, scalability, automation, and operational resilience across the organization’s engineering ecosystem.
About The Role
In this position, you will play a key role in the Platform Engineering and DevSecOps domain, working closely with Engineering, Operations, and Product teams to deliver secure and scalable CI/CD solutions.
You will contribute to the design and operation of cloud‑native infrastructure, security tooling, GitOps workflows, observability platforms, and vulnerability management processes, while supporting software supply chain security and compliance initiatives.
The role combines hands‑on technical implementation with platform reliability, automation, governance, and developer enablement responsibilities.
Responsibilities
Design, implement, and maintain secure DevOps and CI/CD solutions ensuring integrity, confidentiality, and availability of systems and data
Develop and configure CI/CD pipelines with integrated security scanning and compliance validation
Implement secure configurations, access controls, encryption mechanisms, and security best practices across repositories, systems, and deployment pipelines
Automate infrastructure provisioning and management using Infrastructure‑as‑Code tools such as Terraform, OpenTofu, and Ansible
Design and operate Kubernetes‑based platforms and containerized environments with a strong focus on security, scalability, and operational reliability
Implement and maintain GitOps workflows using tools such as ArgoCD and FluxCD
Operate and optimize GitLab environments, including CI workloads, governance, access control, and high‑availability architectures
Integrate and expose security tooling to development teams through self‑service workflows and CI/CD integration
Support vulnerability management and security hardening activities, including patching, dependency management, remediation tracking, and secure baseline enforcement
Implement and maintain software supply chain security practices including SBOM generation, dependency tracking, artifact signing, provenance, and compliance validation
Integrate security tooling such as Trivy, Dependency‑Track, and DefectDojo into development and deployment workflows
Build and maintain observability platforms using Prometheus, Grafana, Loki, OpenTelemetry, and related tooling
Monitor platform reliability, availability, logs, metrics, traces, and incident response activities
Conduct risk assessments, threat modelling, audits, and compliance reviews
Collaborate with development, operations, and security stakeholders to support platform evolution and operational excellence
Produce and maintain technical documentation, architecture diagrams, operational procedures, FAQs, and knowledge base content
Support disaster recovery planning, backup strategies, and operational continuity initiatives
Contribute to the continuous improvement of developer experience and platform self‑service capabilities
Mandatory Requirements
Education
Bachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, or equivalent experience
Professional Experience & Expertise
Strong experience designing and implementing DevSecOps and CI/CD solutions in enterprise environments
Proven experience embedding security controls into CI/CD pipelines and platform layers
Strong hands‑on experience operating large‑scale Kubernetes environments
Deep understanding of Kubernetes internals including networking, RBAC, admission controllers, storage, scheduling, and API extensions
Experience implementing container and runtime security in Kubernetes environments
Strong experience with GitOps workflows using ArgoCD and or FluxCD
Strong hands‑on experience with Infrastructure‑as‑Code using Terraform or OpenTofu
Experience integrating security controls and compliance validation into CI/CD workflows
Experience operating GitLab in large‑scale enterprise environments
Strong experience managing CI/CD workloads and platform reliability
Experience with software supply chain security concepts including SBOMs, artifact signing, dependency tracking, attestations, and provenance
Hands‑on experience with security tooling such as Trivy, Dependency‑Track, DefectDojo, or similar solutions
Experience supporting vulnerability management, remediation, and security hardening initiatives
Strong understanding of cloud and network security principles including segmentation, firewalls, VPNs, and secure communication
Strong knowledge of encryption, PKI, certificates, and secure communication flows
Experience working in compliance‑driven or regulated environments
Experience supporting audits and security policy reviews
Strong collaboration and stakeholder management skills within cross‑functional technical environments
Technical Knowledge & Skills
Kubernetes (GKE preferred)
GitLab CI/CD
ArgoCD / FluxCD
Terraform / OpenTofu
Docker & container ecosystems
Harbor registry
Trivy, Dependency‑Track, DefectDojo
Prometheus, Grafana, Loki, OpenTelemetry
GCP / GKE / IAM / Networking
Infrastructure automation and platform engineering
Observability and monitoring platforms
Security hardening and vulnerability management
CI/CD pipeline automation
Documentation and technical governance
PostgreSQL, Jira, TestRail
Nice to Have
Experience operating platforms in regulated or critical infrastructure environments
Experience with policy‑as‑code frameworks such as Kyverno
Experience with secrets management solutions such as HashiCorp Vault
Familiarity with progressive delivery approaches such as Argo Rollouts
Experience with multi‑cloud or hybrid cloud environments
Familiarity with Software Composition Analysis (SCA) tools and practices
Experience with SAST solutions and secure development lifecycle practices
Experience balancing cloud scalability, operational efficiency, and security requirements
Languages
Fluent English (mandatory – B2 minimum)
German is a plus
Location
Brussels
Work Model
Hybrid - Full-time
#J-18808-Ljbffr