Job information
Senior DevSecOps / CI/CD Engineer
Contract type: B2B / Contracting
Work model: Hybrid – 2 days per week on-site (Kraków)
Industry: Banking / FinTech
Rate: 200–220 PLN/h (B2B)
Role Overview
We are looking for a highly experienced Senior DevSecOps / CI/CD Engineer to join a platform engineering team supporting a major banking client. The role focuses on designing, building, and maintaining secure, efficient CI/CD pipelines and improving the organization’s software supply-chain security posture.
You will work on pipeline optimization, Python tooling, artifact integrity, security scanning, and mentoring engineers on DevSecOps best practices.
- 7+ years of engineering experience, including 3+ years in CI/CD platform development or DevSecOps.
- Strong expertise in Jenkins and Groovy Shared Libraries.
- Advanced proficiency in Python (automation, tooling scripts, JSON/YAML processing).
- Deep understanding of Maven / NPM / Python packaging; exposure to Helm/Terraform and container image metadata.
- Strong background in supply-chain security (SLSA, CycloneDX SBOM, digests).
- Experience with SonarQube, Sonatype IQ, container scanning, and SAST tools.
- Proven performance tuning skills (caching, parallelization, dependency pruning).
- Awareness of compliance standards and enterprise governance.
Nice-to-Have
- Experience with artifact signing / attestations (cosign, OCI).
- Familiarity with publishing Terraform modules and Helm charts.
- GitOps or release automation experience.
- Cloud experience (GCP or AWS).
Soft Skills
- Clear and precise communication.
- Strong documentation discipline.
- Ownership mindset; able to operate independently with minimal supervision.
Responsibilities
- Design and maintain Groovy-based pipeline steps (build, test, package, scan, deploy).
- Extend Python tooling for SLSA provenance, SBOM generation, digest/hash accuracy, and aggregated security scanning (SonarQube, Sonatype IQ, SAST/Container).
- Optimize pipeline performance (parallel builds, caching, reduced-scope BOMs, dependency prefetch).
- Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible builds, evidence modeling).
- Refactor legacy scripts: remove global state, unify hashing logic, standardize templates.
- Create and maintain documentation for ci-config.yaml standards and usage patterns.
- Mentor engineers on secure pipeline development and supply-chain security practices.
- Troubleshoot and prevent incidents in CI/CD pipelines.
Requirements: DevSecOps, CI/CD, Jenkins, Groovy Shared Libraries, Python, Maven, npm, Helm, Terraform, SonarQube, Sonatype IQ, Container Scanning, SAST, Communication skills, Documentation writing, Cosign, OCI, Terraform modules, Helm charts, GCP, AWS