DevSecOps Engineer

Who We Are Looking For: The Architects of Secure Velocity

You are a highly skilled engineer who sees security as a feature, not an afterthought. Your focus is on eliminating manual processes and hardening the infrastructure.

• You Are the Security Integrator: You won't just audit code; you will embed security tools and practices within the CI/CD pipeline (SAST, DAST, IAST, image scanning). Your goal is to make security checks mandatory, automated, and invisible to the developers.
• Master of the Toolchain: You're obsessed with Infrastructure as Code (IaC), automation, and building highly available, secure Cloud environments (AWS, Azure, or GCP). You know that the best defense is automation.
• Exponential Growth in Expertise: This role offers direct exposure to cutting-edge Cloud, AI, and Cybersecurity challenges. You will quickly become an expert in scalable, secure architectures, driving your career towards Security Architecture or Platform Engineering Leadership.

Your Mission: Build, Secure, and Automate

Your success is measured by the speed of deployment, the stability of the platform, and the absence of critical vulnerabilities.

• CI/CD Security Automation: Design, implement, and maintain secure CI/CD pipelines (e.g., GitLab, Jenkins, GitHub Actions), focusing on integrating security tests early and often (shift left).
• Cloud Security Implementation: Implement and enforce security controls, configurations, and hardening across our Cloud infrastructure using IaC tools (Terraform, CloudFormation).
• Incident Response and Monitoring: Define and refine security monitoring, alerting, and automated incident response protocols (logging, SIEM integration). You are the first line of defense for the platform.
• Collaboration with Dev Teams: Work alongside development teams to define secure coding standards, conduct security training, and evangelize DevSecOps best practices throughout the organization.

Who You Are: The Security-First Automator

You are an engineer who views a slow or insecure process as an immediate problem to be solved with code.

• Deep Experience: You have 2–5 years of experience in DevOps, SRE, or specifically DevSecOps, with a strong background in Cloud platforms (AWS, Azure, or GCP).
• Tooling Ninja: Expert proficiency with IaC (Terraform), configuration management (Ansible/Puppet), containerization (Docker, Kubernetes), and modern CI/CD tools.
• Security Savvy: Solid understanding of security fundamentals, including identity and access management (IAM), network security, encryption, and threat modeling. Certifications (e.g., AWS Security Specialist, CISSP, GCSA) are a major advantage.
• Automation Obsession: You believe manual tasks are a risk. You are compelled to write code to solve operational and security challenges.

What We Offer

A compensation and environment built for high-performing, specialized engineers.

• Highly Competitive Salary: 40K-60K, with performance bonuses tied to platform security and availability metrics.
• Advanced Tech Stack: Direct access to cutting-edge tools and technologies (AI, advanced Cloud services, specialized security tools). You'll work with the best, to be the best.
• Strategic Hybrid Model: Office in Milan (3 days) for deep, collaborative engineering sessions with the Platform and Product teams. 2 flexible days.
• Career Path to Security Architecture: This role provides a clear track to becoming a Principal Security Architect or Platform Engineering Leader, defining the future technological roadmap of the company.

Selection Process: Engineering Rigor

We want to see your code, your secure thinking, and your automation philosophy.

• Phase 1: Screening Call (30 minutes)
• Phase 2: Technical Deep Dive Interview (1 hour) – Focus on IaC, CI/CD, and Cloud Security principles.
• Phase 3: Practical Coding/Design Challenge (Take-home or collaborative session) – Solve a real-world DevSecOps scenario.
• Phase 4: Cultural & Leadership Fit Interview with Engineering Management (30 minutes)

Compensation Range: €40K - €60K

---