Senior DevSecOps Engineer
Indexed description
We are seeking a Senior DevSecOps Engineer with strong experience in platform or infrastructure engineering and a solid foundation in application security. This role focuses on designing, building, and operating scalable enterprise platforms that enable seamless integration, orchestration, and management of SAST (Static Application Security Testing) tooling. You will work within cloud-native environments and Kubernetes, driving automation, improving developer experience, and ensuring secure, compliant, and reliable security tooling at scale.
Responsibilities
- Design, build, and maintain scalable platforms supporting enterprise SAST tooling
- Integrate security scanning capabilities into CI/CD pipelines to enable secure SDLC practices
- Develop and optimise platform architecture for performance, scalability, and reliability
- Automate deployment, configuration, and operational workflows using Infrastructure as Code
- Enable secure and efficient consumption of SAST services by engineering teams
- Implement platform hardening, including access control, secrets management, and compliance enforcement
- Ensure observability through logging, monitoring, and alerting for platform and scanning services
- Collaborate with engineering and security teams to improve developer enablement and security adoption
- Manage and operate cloud-native infrastructure and Kubernetes environments
- Support continuous improvement of platform capabilities, integrations, and automation frameworks
Requirements
- 3+ years of experience in platform engineering or infrastructure engineering
- Solid understanding of application security principles and secure SDLC practices
- Experience building or supporting platforms for security tooling, ideally SAST
- Hands-on experience with Cloud technologies and Kubernetes
- Proven experience integrating security tools into CI/CD pipelines
- Strong knowledge of Infrastructure as Code and automation tools such as Terraform or Helm
- Good scripting skills and strong troubleshooting and problem-solving capabilities
- Fluent English communication skills at a B2+ level
Nice to have
- Experience with GitHub Actions or similar CI/CD orchestration tools
- Knowledge of secrets management solutions (e.g., HashiCorp Vault or cloud-native alternatives)
- Experience with monitoring and observability tools (e.g., Prometheus, Grafana, Cloud Monitoring)
- Exposure to compliance frameworks and enterprise security requirements
- Experience with additional application security domains (e.g., DAST, SCA)
- Understanding of service integration patterns and platform engineering best practices
We offer
- Dynamic, entrepreneurial corporate environment
- Diverse multicultural, multi-functional, and multilingual work environment
- Opportunities for personal and career growth in a progressive industry
- Global scope, international projects
- Widespread training and development opportunities
- Access to LinkedIn Learning solutions
- Competitive salary and various benefits
- Advanced wellbeing and CSR programs, recreation area
Do you know someone interested in starting a career in IT? Share our EPAM Campus programs with them, where they can enhance their knowledge in various fields online, free of charge.
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search