DevSecOps Engineer

1350 - 1450 PLN/day, B2B (net)
Senior · Full-time · B2B
#334865 · Added 7 days ago
Source: nofluffjobs.com

Tech Stack / Keywords

Jenkins, Kubernetes, K8s, Groovy, Python, JSON, YAML, CLI, Maven, npm, Helm, Terraform, Security, SonarQube, SAST, CI/CD, Terraform modules, Helm Charts, Cloud, GCP, AWS

Company and position

Mindbox is a tech-driven company connecting top IT talents with technology projects for leading enterprises across Europe, focusing on consulting, engineering, and talent to build digital solutions.


Requirements

  • 7+ years of engineering experience, with 3+ years focused on CI/CD platforms or DevSecOps.
  • Solid expertise in Jenkins, Kubernetes (K8s), and Groovy Shared Libraries.
  • Advanced Python automation scripting (JSON/YAML processing, CLI tooling).
  • Strong understanding of Maven, NPM, Python packaging; familiarity with Helm, Terraform, and container metadata.
  • Hands-on experience with supply-chain security, including SLSA frameworks, SBOM formats (CycloneDX), and cryptographic digests.
  • Knowledge of security tools: SonarQube, Sonatype IQ, SAST, container scanning.
  • Proven track record in performance optimization of CI/CD pipelines.
  • Awareness of compliance and secure coding practices.

Nice to have:

  • Experience with artifact signing/attestations (e.g., cosign, OCI standards).
  • Hands-on knowledge of publishing Terraform modules and Helm charts.
  • Exposure to GitOps or automated release management.
  • Proficiency with major cloud providers, especially GCP or AWS.

Responsibilities

  • Design and maintain Groovy pipeline steps for build, test, package, scan, and deploy workflows.
  • Generate SLSA provenance and SBOM.
  • Perform hash/digest validation.
  • Aggregate security scans (SonarQube, Sonatype IQ, SAST, container scans).
  • Optimize pipeline performance including parallel builds, caching, reduced BOM scope, and dependency prefetch.
  • Guarantee artifact integrity through SHA1/SHA256 mapping and evidence modeling.
  • Refactor legacy scripts for maintainability and standardization.
  • Document ci-config.yaml patterns and enforce best practices.
  • Mentor engineers on secure pipeline development and compliance practices.
  • Troubleshoot and proactively prevent pipeline-related incidents.

Offer

  • Flexible cooperation model (B2B, employment contract, etc.)
  • Hybrid work setup (6 days per month in the office in Kraków)
  • Collaborative team culture with experienced professionals
  • Continuous development with access to training platforms and growth opportunities
  • Comprehensive benefits including Interpolska Health Care, Multisport card, Warta Insurance
  • High-quality equipment provided (laptop and essential software)
Flexible hours
Health care
Sports card
Insurance
Mindbox S.A.
