Senior DevSecOps Engineer

Company Description

Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.
Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients. The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.

Job Description

We are looking for a DevSecOps Engineer.

The DevSecOps Engineer will play a key role in ensuring the efficiency and security of infrastructure and operations by implementing and managing DevSecOps practices.

The candidate will have the following duties/responsibilities:

• Develop and maintain infrastructure as code (IaC) using tools like Terraform and other Hashicorp tools to manage infrastructure, ensuring integration with Openshift;
• Develop, implement, and maintain CI/CD pipelines to automate build, testing, and deployment processes (with a focus on the Openshift environment);
• Integrate and manage CI/CD pipelines with Atlassian tools (Jira, Confluence, Bitbucket);
• Manage and monitor infrastructures, ranging from bare-metal to virtual machines and cloud platforms (e.g., AWS, Azure, GCP);
• Implement and manage monitoring and logging solutions to ensure system operation and performance;
• Respond quickly and effectively to incidents related to infrastructure, applications, and deployments, with a focus on the Openshift environment;
• Develop and optimise DevSecOps practices and tools, contributing to continuous improvement;
• Collaborate with infrastructure and development teams to integrate security practices (SecOps) throughout the entire lifecycle of infrastructure and software development, using tools like SonarQube and ensuring documentation and code security;
• Document processes, including installation protocols and technical specifications (BSDS), to ensure knowledge management;
• Stay up to date with the latest technologies and trends, keeping abreast of advancements in DevSecOps, with a focus on Openshift;

Qualifications

The candidate should have:

• Bachelor’s degree in Computer Engineering, Information Technology, or a related field;
• Proven experience (+5 years) as a DevSecOps Engineer or in a similar role;
• Experience with DevOps and SecOps principles and practices;
• Experience with infrastructures, ranging from bare-metal to virtual machines and cloud platforms (e.g., AWS, Azure, GCP);
• Experience with containerisation technologies (Docker, Kubernetes, Openshift);
• Experience with IaC (Infrastructure as Code) tools such as Ansible, Terraform, and other Hashicorp tools;
• Experience with CI/CD tools (e.g., Jenkins, GitLab CI);
• Experience with infrastructure monitoring tools (e.g., Prometheus, Grafana, Datadog);
• Experience with code analysis tools (e.g., SonarQube or similar);
• Proficiency in scripting languages (e.g., Python, Bash);
• Experience with the Atlassian toolset (Jira, Confluence, Bitbucket);
• Excellent organisational, analytical, and problem-solving skills;
• Strong sense of ethics, integrity, and responsibility;
• Excellent communication and teamwork skills;
• Fluency in Portuguese and a moderate to high level of English proficiency;

Preferred Qualifications:

• Relevant certifications, such as ITIL v4 Foundation or higher, are highly valued;
• Proficiency in information security principles, cybersecurity best practices, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, CIS Top Critical Security Controls);
• Experience with Hashicorp tools (e.g., Vault, Consul, Nomad, Packer);
• Knowledge of JavaScript frameworks;
• Understanding of Artificial Intelligence (AI) and Machine Learning (ML) concepts and their application in DevSecOps, including infrastructure, CI/CD, cybersecurity, and code analysis.

Additional Information

What we offer:

• Professional development and monitoring talent;
• Commitment to our employees' development;
• Collaboration in a company that is constantly growing and evolving;
• Strong organisational culture: collaboration, sharing, flexibility, integrity and low ego.

Would you like to join our team? Then send your CV.