Senior devsecops: secure ci/cd & platform engineer

Evere
bridge351
Publiée le 27 mai
Description de l'offre

Ph3CI/CD Engineering – Security Compliance (DevSecOps / Platform Engineering) /h3 pWe are supporting a major energy‑sector digital platform initiative focused on enabling engineering and operations teams through a secure, cloud‑native internal developer platform. /p pWe are currently looking for a Senior DevSecOps / Platform Engineer to help design, implement, and operate secure CI/CD and Kubernetes‑based platform services, ensuring compliance, scalability, automation, and operational resilience across the organization’s engineering ecosystem. /p h3About The Role /h3 pIn this position, you will play a key role in the Platform Engineering and DevSecOps domain, working closely with Engineering, Operations, and Product teams to deliver secure and scalable CI/CD solutions. /p pYou will contribute to the design and operation of cloud‑native infrastructure, security tooling, GitOps workflows, observability platforms, and vulnerability management processes, while supporting software supply chain security and compliance initiatives. /p pThe role combines hands‑on technical implementation with platform reliability, automation, governance, and developer enablement responsibilities. /p h3Responsibilities /h3 ul liDesign, implement, and maintain secure DevOps and CI/CD solutions ensuring integrity, confidentiality, and availability of systems and data /li liDevelop and configure CI/CD pipelines with integrated security scanning and compliance validation /li liImplement secure configurations, access controls, encryption mechanisms, and security best practices across repositories, systems, and deployment pipelines /li liAutomate infrastructure provisioning and management using Infrastructure‑as‑Code tools such as Terraform, OpenTofu, and Ansible /li liDesign and operate Kubernetes‑based platforms and containerized environments with a strong focus on security, scalability, and operational reliability /li liImplement and maintain GitOps workflows using tools such as ArgoCD and FluxCD /li liOperate and optimize GitLab environments, including CI workloads, governance, access control, and high‑availability architectures /li liIntegrate and expose security tooling to development teams through self‑service workflows and CI/CD integration /li liSupport vulnerability management and security hardening activities, including patching, dependency management, remediation tracking, and secure baseline enforcement /li liImplement and maintain software supply chain security practices including SBOM generation, dependency tracking, artifact signing, provenance, and compliance validation /li liIntegrate security tooling such as Trivy, Dependency‑Track, and DefectDojo into development and deployment workflows /li liBuild and maintain observability platforms using Prometheus, Grafana, Loki, OpenTelemetry, and related tooling /li liMonitor platform reliability, availability, logs, metrics, traces, and incident response activities /li liConduct risk assessments, threat modelling, audits, and compliance reviews /li liCollaborate with development, operations, and security stakeholders to support platform evolution and operational excellence /li liProduce and maintain technical documentation, architecture diagrams, operational procedures, FAQs, and knowledge base content /li liSupport disaster recovery planning, backup strategies, and operational continuity initiatives /li liContribute to the continuous improvement of developer experience and platform self‑service capabilities /li /ul h3Mandatory Requirements /h3 h3Education /h3 ul liBachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, or equivalent experience /li /ul h3Professional Experience Expertise /h3 ul liStrong experience designing and implementing DevSecOps and CI/CD solutions in enterprise environments /li liProven experience embedding security controls into CI/CD pipelines and platform layers /li liStrong hands‑on experience operating large‑scale Kubernetes environments /li liDeep understanding of Kubernetes internals including networking, RBAC, admission controllers, storage, scheduling, and API extensions /li liExperience implementing container and runtime security in Kubernetes environments /li liStrong experience with GitOps workflows using ArgoCD and or FluxCD /li liStrong hands‑on experience with Infrastructure‑as‑Code using Terraform or OpenTofu /li liExperience integrating security controls and compliance validation into CI/CD workflows /li liExperience operating GitLab in large‑scale enterprise environments /li liStrong experience managing CI/CD workloads and platform reliability /li liExperience with software supply chain security concepts including SBOMs, artifact signing, dependency tracking, attestations, and provenance /li liHands‑on experience with security tooling such as Trivy, Dependency‑Track, DefectDojo, or similar solutions /li liExperience supporting vulnerability management, remediation, and security hardening initiatives /li liStrong understanding of cloud and network security principles including segmentation, firewalls, VPNs, and secure communication /li liStrong knowledge of encryption, PKI, certificates, and secure communication flows /li liExperience working in compliance‑driven or regulated environments /li liExperience supporting audits and security policy reviews /li liStrong collaboration and stakeholder management skills within cross‑functional technical environments /li /ul h3Technical Knowledge Skills /h3 ul liKubernetes (GKE preferred) /li liGitLab CI/CD /li liArgoCD / FluxCD /li liTerraform / OpenTofu /li liDocker container ecosystems /li liHarbor registry /li liTrivy, Dependency‑Track, DefectDojo /li liPrometheus, Grafana, Loki, OpenTelemetry /li liGCP / GKE / IAM / Networking /li liInfrastructure automation and platform engineering /li liObservability and monitoring platforms /li liSecurity hardening and vulnerability management /li liCI/CD pipeline automation /li liDocumentation and technical governance /li liPostgreSQL, Jira, TestRail /li /ul h3Nice to Have /h3 ul liExperience operating platforms in regulated or critical infrastructure environments /li liExperience with policy‑as‑code frameworks such as Kyverno /li liExperience with secrets management solutions such as HashiCorp Vault /li liFamiliarity with progressive delivery approaches such as Argo Rollouts /li liExperience with multi‑cloud or hybrid cloud environments /li liFamiliarity with Software Composition Analysis (SCA) tools and practices /li liExperience with SAST solutions and secure development lifecycle practices /li liExperience balancing cloud scalability, operational efficiency, and security requirements /li /ul h3Languages /h3 ul liFluent English (mandatory – B2 minimum) /li liGerman is a plus /li /ul h3Location /h3 ul liBrussels /li /ul h3Work Model /h3 ul liHybrid - Full-time /li /ul /p #J-18808-Ljbffr

Postuler
Créer une alerte
Alerte activée
Sauvegardée
Sauvegarder
Offres similaires
Emploi Evere
Emploi Bruxelles-Capitale
Postuler
Créer une alerte
Alerte activée
Sauvegardée
Sauvegarder