DevSecOps Engineer
Company and position
Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.
At Mindbox, we connect top IT talents with technology projects for leading enterprises across Europe. Our focus is on matching your skills with work that matters – projects that use modern tech stacks, solve real business challenges, and give you space to grow. By joining us, you’ll deliver technology solutions for well-known brands, supported by the Mindbox team that values knowledge-sharing and continuous development. We make sure you have the tools, flexibility, and guidance to do your best work – and to keep moving forward in your career.
Requirements
- 7+ years in engineering roles, with 3+ years in DevSecOps or CI/CD platform engineering.
- Strong hands-on expertise with Jenkins Shared Libraries (Groovy).
- Advanced Python programming for automation, YAML/JSON parsing, and tooling development.
- Solid understanding of multi-language build pipelines: Java/Maven, Node/NPM, Python, with exposure to Helm, Terraform, and container image metadata handling.
- Deep knowledge of supply chain security standards (e.g., SLSA, SBOM via CycloneDX, artifact digests).
- Experience with static and container scanning tools: SonarQube, Sonatype IQ, SAST.
- Proven ability in build optimization techniques, caching, and dependency pruning.
- Compliance awareness and documentation discipline.
Responsibilities
- Design, implement, and maintain Groovy-based Jenkins pipeline steps for build, test, packaging, scanning, and deployment.
- Extend and refine Python tooling for SLSA provenance, SBOM generation, hash/digest verification, and security scan aggregation (SonarQube, Sonatype IQ, SAST, container scans).
- Optimize pipeline performance through parallelization, caching, and smart dependency management.
- Ensure artifact integrity, reproducible builds, and accurate cryptographic mappings (SHA1/SHA256).
- Refactor legacy scripts for stability and compliance, apply standard templates, and eliminate global state issues.
- Define and document ci-config.yaml standards and enforce usage patterns.
- Mentor teams on DevSecOps best practices, supply chain security, and secure pipeline design.
- Troubleshoot and proactively prevent pipeline incidents across environments.
Offer
- Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
- Hybrid work setup – 6 days a month from the office in Kraków
- Collaborative team culture – work alongside experienced professionals eager to share knowledge
- Continuous development – access to training platforms and growth opportunities
- Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
- High quality equipment – laptop and essential software provided
- Sharing the costs of sports activities
- Private medical care
- Sharing the costs of professional training & courses
- Life insurance
Mindbox S.A.