Position: DevSecOps Engineer (B2B / Freelancer Contract)
Engagement: NATO Project
Role Overview
We are recruiting on behalf of our client for an experienced DevSecOps Engineer to support a NATO engagement, focused on building, securing, and maintaining cloud-native infrastructure for mission-critical systems. This role involves designing, automating, and monitoring containerized workloads and CI/CD pipelines across hybrid and public cloud environments, ensuring operational resilience and compliance with NATO security standards.
The selected professional will play a central role in bridging development, operations, and cybersecurity, ensuring secure, scalable, and high-performance delivery pipelines. Working within an Agile/DevSecOps framework, you will collaborate with cross-functional teams to implement best practices for infrastructure automation, observability, and zero-trust compliance.
Key Responsibilities
* Deploy and operate containerized applications using orchestration frameworks such as Kubernetes, Docker, and OpenShift.
* Design, build, and maintain CI/CD pipelines with integrated automated testing and security validation.
* Implement and manage Infrastructure as Code (IaC) solutions using Terraform, Ansible, Helm, or Pulumi.
* Deploy and secure workloads across hybrid and public cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack).
* Apply site reliability engineering (SRE) and observability practices using tools such as Prometheus, Grafana, ELK/Loki, and OpenTelemetry.
* Support and optimize high-throughput, service-oriented architectures, ensuring scalability and fault tolerance.
* Work within Agile/DevSecOps delivery models (Scrum, SAFe, or Kanban) to continuously improve automation and security integration.
* Design and manage secure networking and service mesh frameworks (TLS, Istio, Linkerd, API gateways).
* Implement zero-trust principles and compliance automation using tools like OPA, Kyverno, and CIS benchmarks.
* Manage identity, secrets, and access policies using IAM tools such as Vault, AWS KMS, Azure Key Vault, and RBAC/ABAC.
* Automate compliance checks, vulnerability scanning, and artifact validation (SBOMs, dependency scanning).
* Contribute to building secure DevSecOps pipelines, integrating continuous delivery with continuous security validation.
* Collaborate with developers, architects, and cybersecurity teams to define, enforce, and optimize best practices.
Required Skills & Experience
* Minimum 4 years of hands-on experience with containerization and orchestration technologies (Docker, Kubernetes, OpenShift).
* Minimum 4 years of experience designing and maintaining CI/CD pipelines with automated testing and security integration.
* Strong experience with Infrastructure as Code (IaC) tools (Terraform, Ansible, Helm, Pulumi).
* Proven experience deploying and securing workloads in hybrid or public cloud infrastructures (AWS, Azure, GCP, VMware, OpenStack).
* Proficiency in monitoring, observability, and incident management using Prometheus, Grafana, ELK/Loki, and OpenTelemetry.
* Experience implementing SRE principles, focusing on reliability, scalability, and automation.
* Practical understanding of zero-trust architecture, policy enforcement, and compliance automation.
* Knowledge of secure networking, service meshes, and API gateways.
* Strong background in identity and access management, including secrets management and least-privilege enforcement.
* Hands-on experience with Agile and DevSecOps practices and collaborative team delivery.
* Language Requirement: High proficiency in English (C1 or higher) both written and spoken.
Preferred Qualifications
* Certifications in Kubernetes (CKA/CKAD/CKS), AWS/Azure/GCP, or DevOps/DevSecOps frameworks.
* Experience with automated compliance frameworks and security-as-code principles.
* Background in NATO, defense, or government projects with secure cloud environments.
* Experience integrating security scanning, artifact signing, or supply chain security into CI/CD pipelines.
* Familiarity with GitOps workflows and tools such as ArgoCD or Flux.
Contract Type
* Engagement Model: B2B / Freelancer
* Engagement Context: NATO project under secure DevSecOps and cloud automation standards.
* Language Requirement: English fluency at C1 level or higher is mandatory.