Informacje o stanowisku
At Mindbox we connect top IT talents with technology projects for leading enterprises across Europe.
We are looking for a DevSecOps Engineer to own and evolve our Jenkins Shared Library, powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). You will deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply-chain integrity across teams.
Sounds like your kind of challenge?
What you get in return
- Flexible cooperation model – choose the form that suits you best
(B2B, employment contract, etc.) - Hybrid work setup – remote days available depending on the client’s arrangements - 6x in the office per month
- Collaborative team culture – work alongside experienced professionals eager to share knowledge
- Continuous development – access to training platforms and growth opportunities
- Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
- 7+ years of engineering experience; 3+ years in CI/CD platform or DevSecOps
- Strong Jenkins + Groovy shared library expertise
- Advanced Python automation (JSON/YAML processing, tooling scripts)
- Deep knowledge of Maven/NPM/Python packaging; exposure to Helm/Terraform and container image metadata
- Supply-chain security (SLSA, CycloneDX SBOM, digests)
- Experience with SonarQube, Sonatype IQ, container and SAST scanning
- Proven performance tuning (caching, parallelization, dependency pruning)
- Compliance awareness
Nice to have:
- Artifact signing / attestations (cosign, OCI)
- Terraform module and Helm chart publishing patterns
- GitOps or release automation experience
- GCP/AWS cloud experience
Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.
At Mindbox we connect top IT talents with technology projects for leading enterprises across Europe.
We are looking for a DevSecOps Engineer to own and evolve our Jenkins Shared Library, powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). You will deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply-chain integrity across teams.
Sounds like your kind of challenge?
What you get in return
- Flexible cooperation model – choose the form that suits you best
(B2B, employment contract, etc.) - Hybrid work setup – remote days available depending on the client’s arrangements - 6x in the office per month
- Collaborative team culture – work alongside experienced professionals eager to share knowledge
- Continuous development – access to training platforms and growth opportunities
- Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
,[Design and maintain Groovy pipeline steps (build, test, package, scan, deploy), Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container), Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch), Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling), Refactor legacy scripts (remove global state, consolidate hashing, standardize templates), Document ci-config.yaml standards and usage patterns, Mentor engineers on secure pipeline development and supply-chain practices, Troubleshoot and prevent pipeline incidents Requirements: Jenkins, Groovy, Python, JSON, YAML, Maven, npm, Helm, Terraform, Security, SonarQube, SAST, Performance tuning, GitOps, GCP, AWS Cloud Additionally: Sport subscription, Private healthcare, International projects.
Praca KrakówKraków - Oferty pracy w okolicznych lokalizacjach
