Senior DevSecOps Engineer – CI/CD and Cloud Security

Senior • Hybrid

25,200 - 29,400 PLN

Krakow, Poland

Unleash cybersecurity innovation — redefine DevSecOps practices at scale!
Krakow-based opportunity with hybrid work model.

As a Senior DevSecOps Engineer, you will be working for our client, a global leader in cloud security and software development. You will own and evolve their Jenkins Shared Library to power multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers), delivering fast, secure, and provenance-rich pipelines that enhance supply-chain integrity across teams. This role offers the chance to drive automation excellence and reinforce security in modern CI/CD environments, fostering continuous innovation and growth.

Your main responsibilities:

Design and maintain Groovy pipeline steps for build, test, package, scan, and deploy processes.
Extend Python tooling to enhance SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation.
Optimize pipeline performance through parallelization, caching, and dependency management.
Ensure artifact integrity with correct SHA1/SHA256 mapping and reproducible inputs.
Refactor legacy scripts to improve code quality and standardization.
Document ci-config.yaml standards and best practices for teams.
Mentor engineers on secure pipeline development and supply-chain security practices.
Troubleshoot and proactively prevent pipeline incidents to ensure seamless integration.

You're ideal for this role if you have:

At least 5 years of engineering experience, with 3+ years in CI/CD or DevSecOps.
Strong expertise with Jenkins and Groovy shared libraries.
Advanced Python automation skills (JSON/YAML processing, scripting).
Deep knowledge of Maven, NPM, Python packaging; exposure to Helm, Terraform, and container image metadata.
Solid understanding of supply-chain security concepts (SLSA, CycloneDX SBOM, digests).
Experience with SonarQube, Sonatype IQ, and container/SAST scanning tools.
Proven performance tuning skills — caching, parallel builds, dependency pruning.
Awareness of compliance standards and best practices.

It is a strong plus if you have: (optional)

Experience with artifact signing/attestation tools like cosign or OCI.
Familiarity with Terraform modules and Helm chart publishing patterns.
Knowledge of GitOps or release automation processes.
Cloud experience with GCP or AWS.

Language Required for the role:
Fluent English communication skills are essential.

Eligibility for the role:
Only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTER
Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.

ITDS

ITDS Business Consultants is a company that operates within the IT consulting industry, focusing on delivering innovative and professional IT projects for international companies, particularly in the financial sector across Europe. The company is committed to providing an environment that fosters professional growth, ambition, and drive. ITDS is involved in strategic projects that are crucial to the market, offering opportunities for skill enhancement and expertise development. The company values stable and long-term cooperation, providing a supportive environment for career development. ITDS also emphasizes a collaborative and international work environment, with access to various benefits such as medical packages, sports programs, and flexible working conditions. The company is dedicated to aligning its solutions with business needs and maintaining high standards in its development practices.

Check if your resume is ATS-ready before applying →Build an ATS-optimized resume