DevSecOps Engineer
Responsibilities:

Designing Secure CI/CD Pipelines: Develop and maintain automated CI/CD pipelines (preferably GitLab) with a focus on security best practices, including SAST/DAST/SCA and vulnerability assessment.

Infrastructure Security: Implement and maintain infrastructure as code using Terraform / CloudFormation / Ansible, ensuring secure configuration and compliance with industry standards and regulatory requirements.

Security Monitoring and Incident Response: Set up and manage security monitoring tools to detect and respond to security incidents promptly. Develop incident response playbooks and collaborate with relevant teams to address security incidents effectively.

Security Compliance: Ensure compliance with industry regulations (PCI DSS, GDPR, local financial regulation) and internal security policies. Conduct regular security assessments and audits to identify and address compliance gaps.

Security Tooling and Automation: Evaluate, deploy, and manage security tools and technologies to automate security processes and enhance overall security posture. Continuously research and stay updated on emerging threats and security trends.

Secrets Management: Design, implement, and maintain robust secrets management solutions and processes using HashiCorp Vault and AWS SM / KMS.

Collaboration and Knowledge Sharing: Work closely with development, operations, and product teams to embed security into the software development lifecycle. Provide security training and guidance to team members to increase awareness and promote a security-first culture. Maintain comprehensive documentation and playbooks for configuring, operating, and troubleshooting security solutions.

Risk Management: Participate in risk assessments and threat modelling exercises to identify potential security risks and vulnerabilities. Develop and implement risk mitigation strategies to minimize exposure to security threats.

Requirements:

Proven experience in DevOps, software engineering, or related roles, with a focus on security.

Hands-on experience with cloud platforms (AWS, Azure, GCP), containerisation technologies (Docker, Kubernetes), and configuration management (Ansible).

Proficiency in scripting and automation using languages such as Python or Bash.

Strong understanding of security principles, protocols, and standards (e.g., OWASP Top 10, NIST Cybersecurity Framework, CIS Benchmarks).

Experience with security testing tools (e.g., Trivy, Prowler, ScoutSuite, SonarQube, OWASP ZAP, Nessus) and vulnerability management processes.

Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.

Knowledge of financial industry regulations and compliance requirements is a plus.

Demonstrated ability to adapt to a fast-paced, dynamic environment and drive initiatives independently.

What you will get in return:

You will join a company that cares about work-life balance.

Annual Bonus based on the performance review cycle.

Family Medical Insurance, Pension fund, MyBenefit system, and Multisport card for CoE.

Generous Annual Leave Policy (26 days of paid leave for B2B and CoE).

Hybrid working model (3 days from our modern office and 2 days fully remotely).

Comprehensive Workation Policy with 30 more remote days available.

Possibility of taking two additional days of paid leave per year to dedicate to volunteering efforts.