Senior DevSecOps Specialist
Skills
About the Role
You will design, build, and maintain security monitoring for cloud infrastructure, detect and respond to incidents, and investigate vulnerabilities in code and infrastructure. You will support development teams on secure development practices, configure SAST and secret-detection tools, secure CI/CD and GitHub workflows, and analyze attack vectors to prioritize remediation.
Requirements
- 1+ year of experience working with AWS (IAM, cloud architecture, etc.)
- 1+ year of experience securing Kubernetes environments
- Experience with Cloudflare products (WAF, API Shield, etc.)
- Experience configuring SAST tools (SonarQube, CodeQL, etc.)
- Experience securing CI/CD processes in GitHub
- Understanding and ability to analyze Infrastructure-as-Code (Terraform, Terragrunt, etc.)
- Experience in identifying and investigating information security incidents
- Understanding of security-by-design principles
Responsibilities
- Build and maintain security monitoring for AWS infrastructure
- Identify and respond to security incidents in AWS
- Detect and remediate vulnerabilities in code and infrastructure
- Support development teams on secure development practices
- Ensure security of backend infrastructure and public APIs
- Configure and maintain GitHub security and CI/CD protections
- Set up and manage SAST tools and secret detection
- Analyze attack vectors and prioritize remediation of infrastructure vulnerabilities
Benefits
- Remote work from anywhere in the world excluding Russia and Belarus (schedule aligned with GMT+3)
- 20 working days of paid vacation
- Birthday presents
- Compensation for purchase of necessary technical devices for work
- Paid sick leaves
- Stability