Jobs · nofluffjobs
DevSecOps Engineer
Nimbus Data Systems · Kraków · Posted 10d ago
About the role
At Mindbox we connect top IT talents with technology projects for leading enterprises across Europe. Join our client’s team as a DevSecOps Engineer! Are you an expert in CI/CD platforms with a strong security mindset? We are seeking a DevSecOps Engineer to design and evolve secure, high-performance build pipelines for multi-language applications, ensuring supply chain integrity and compliance in a global environment. Sounds like your kind of challenge? #LI- Hybrid – 6 days a month from the office in Kraków What you get in return Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.) Hybrid work setup – 6 days a month from the office in Kraków Collaborative team culture – work alongside experienced professionals eager to share knowledge Continuous development – access to training platforms and growth opportunities Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more High quality equipment – laptop and essential software provided
Requirements:
Experience & Skills: Minimum 7+ years in engineering roles, with 3+ years in DevSecOps or CI/CD platform engineering . Strong hands-on expertise with Jenkins Shared Libraries (Groovy) . Advanced Python programming for automation, YAML/JSON parsing, and tooling development. Solid understanding of multi-language build pipelines: Java/Maven, Node/NPM, Python , with exposure to Helm, Terraform , and container image metadata handling. Security Expertise: Deep knowledge of supply chain security standards (e.g., SLSA, SBOM via CycloneDX, artifact digests). Experience with static and container scanning tools: SonarQube, Sonatype IQ, SAST . Performance Tuning: Proven ability in build optimization techniques, caching, and dependency pruning. Compliance Awareness & Documentation Discipline. Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.
Must have: Jenkins, Groovy, Python, YAML, JSON, Java, Maven, Node.js, npm, Helm, Terraform, Security, SonarQube, SAST, Performance tuning
Daily tasks: - Design, implement, and maintain Groovy-based Jenkins pipeline steps for build, test, packaging, scanning, and deployment.
– Extend and refine Python tooling for SLSA provenance, SBOM generation, hash/digest verification, and security scan aggregation (SonarQube, Sonatype IQ, SAST, container scans).
– Optimize pipeline performance through parallelization, caching, and smart dependency management.
– Ensure artifact integrity, reproducible builds, and accurate cryptographic mappings (SHA1/SHA256).
– Refactor legacy scripts for stability and compliance, apply standard templates, and eliminate global state issues.
– Define and document ci-config.yaml standards and enforce usage patterns.
– Mentor teams on DevSecOps best practices, supply chain security, and secure pipeline design.
– Troubleshoot and proactively prevent pipeline incidents across environments.
Read the full posting on nofluffjobs →
FAQ
Is the DevSecOps Engineer role at Nimbus Data Systems remote?+
This DevSecOps Engineer position is listed as onsite (Kraków).
What is the salary for the DevSecOps Engineer role at Nimbus Data Systems?+
The listing states 26000-32000 PLN.
What seniority level is this DevSecOps Engineer role?+
This is a senior level position.
How do I apply for the DevSecOps Engineer role at Nimbus Data Systems?+
Use the "Apply on nofluffjobs" button to open the original posting on nofluffjobs, where you can submit your application directly to Nimbus Data Systems.