Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

Senior DevSecOps Engineer

AT EPAM Systems
EPAM Systems

Senior DevSecOps Engineer

Dabas, Hungary

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
EPAM is looking for a dedicated Senior DevSecOps Engineer to automate and optimize our development processes and ensure secure CI/CD pipelines. Working closely with our Security Architect, your main responsibility would be to reinforce our security posture across our development teams and digital portfolio.

Want more jobs like this?

Get jobs in Dabas, Hungary delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

At EPAM, you will work with the most recent advancements in tech, ensuring that our innovative solutions stay at the cutting edge of technology trends while also being safe and reliable. Our DevSecOps team is composed of globally recognized experts who take pride in driving real impact in the tech security domain.
We value flexibility and offer a modern approach to working with a hybrid model. You can enjoy the privilege of working from home, backed by occasional visits to client sites or our office. This is an exceptional opportunity to lead and learn while shaping the future of secure technology deployment.

#LI-DNI

Responsibilities
  • Collaborate with the Security Architect to drive the Security Architecture & Solutions for our core digital portfolio and future digital products
  • Automate repetitive tasks and implement secure CI/CD pipelines, enhancing productivity and reducing errors
  • Own the implementation and continuous improvement of security tooling across various areas including static/dynamic analysis, dependency scanning, and secrets detection
  • Implement appropriate technical and organizational security controls to mitigate identified risks, with a focus on automating these measures wherever possible
  • Promote and facilitate Security-By-Design principles across the development team, bridging the gap between operations and security
  • Implement Infrastructure as Code (IaC) security measures, protecting integral aspects of our infrastructure and ensuring secure deployments
  • Embed security within the DevOps lifecycle, including the design and execution of signed image verification systems to ensure the authenticity and integrity of images
  • Conduct ongoing security training for the development team to ensure awareness and compliance
Requirements
  • Security-focused or Computer Science university degree (Bachelors) OR equivalent experience
  • 5+ years' experience in DevOps, with significant exposure to security aspects
  • Proficiency in one or more programming languages, predominantly used in DevOps like Python, Ruby, or Go
  • Practical experience with CI/CD pipelines and tools such as Jenkins, and AWS CodePipeline
  • Experience with container orchestration tools like Kubernetes and Docker, and cloud environments such as AWS, Azure, or Google Cloud
  • Relevant certifications such as AWS/Azure Certified DevOps Engineer, or similar qualifications are considered an advantage
  • Experience with medical security governance and IT general control frameworks such as DSOMM, HIPPA, ISO 13485, NIST CSF, NIST 800-53, MDR (EU), etc., is a huge advantage
  • Deep understanding of secure Infrastructure as Code (IaC) strategies and signed image verification practices
  • Experience in using Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools for code analysis
  • Security Knowledge: Solid understanding of network access, identity, access management, applied cryptography, network security methodologies, and secure software development methodologies
  • Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
  • Agile mindset, Continuous Quality and Process Improvement
  • Deep expertise across various areas including API security, DevSecOps practices, Identity and Access Management, Compliance & regulations for medical devices, Cloud Security Architecture & Controls, Security Architecture & Models in Healthcare, Zero trust & Defense in depth principles, Network security, Infrastructure and application security assessment, Vulnerability management, Application Security, IoT Security architecture, CI/CD tooling (SAST, DAST, SCA, Secret Scanner, Secure Gates, Image Signed, etc), Threat Modeling, and Security Operations
We offer
  • Dynamic, entrepreneurial corporate environment
  • Diverse multicultural, multi-functional, and multilingual work environment
  • Opportunities for personal and career growth in a progressive industry
  • Global scope, international projects
  • Widespread training and development opportunities
  • Unlimited access to LinkedIn learning solutions
  • Competitive salary and various benefits
  • Advanced wellbeing and CSR programs, recreation area
Do you know someone interested in starting a career in IT? Share our EPAM Campus programs with them, where they can enhance their knowledge in various fields online, free of charge.

Client-provided location(s): Hungary
Job ID: EPAM-epamgdo_blt69014f3613b09256_en-us_Other_Hungary
Employment Type: Other