.
DevSecOps Engineer
  • Kraków
DevSecOps Engineer
Kraków, Kraków, Lesser Poland Voivodeship, Polska
Mindbox Sp. z o.o.
30. 11. 2025
Informacje o stanowisku

DevSecOps Engineer

Miejsce pracy: Kraków

Technologies we use

Expected

  • Jenkins
  • Groovy
  • Python
  • Maven
  • NPM
  • Helm
  • Terraform
  • SonarQube
  • Sonatype IQ

Optional

  • Google Cloud Platform
  • AWS

Operating system

  • Windows

About the project

We are looking for a DevSecOps Engineer to own and evolve our Jenkins Shared Library, powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). You will deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply-chain integrity across teams.

Sounds like your kind of challenge?

Your responsibilities

  • Design and maintain Groovy pipeline steps (build, test, package, scan, deploy)
  • Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container)
  • Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch)
  • Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling)
  • Refactor legacy scripts (remove global state, consolidate hashing, standardize templates)
  • Document ci-config.yaml standards and usage patterns
  • Mentor engineers on secure pipeline development and supply-chain practices
  • Troubleshoot and prevent pipeline incidents
  • Note: Detailed project information will be shared during the recruitment process.

Our requirements

  • 7+ years of engineering experience; 3+ years in CI/CD platform or DevSecOps
  • Strong Jenkins + Groovy shared library expertise
  • Advanced Python automation (JSON/YAML processing, tooling scripts)
  • Deep knowledge of Maven/NPM/Python packaging; exposure to Helm/Terraform and container image metadata
  • Supply-chain security (SLSA, CycloneDX SBOM, digests)
  • Experience with SonarQube, Sonatype IQ, container and SAST scanning
  • Proven performance tuning (caching, parallelization, dependency pruning)
  • Compliance awareness

Optional

  • Artifact signing / attestations (cosign, OCI)
  • Terraform module and Helm chart publishing patterns
  • GitOps or release automation experience
  • GCP/AWS cloud experience

This is how we organize our work

This is how we work

  • at the clients site
  • agile
  • scrum

This is how we work on a project

  • Continuous Deployment
  • Continuous Integration
  • issue tracking tools

What we offer

  • Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
  • Hybrid work setup – remote days available depending on the client’s arrangements
  • Collaborative team culture – work alongside experienced professionals eager to share knowledge
  • Continuous development – access to training platforms and growth opportunities
  • Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
  • High quality equipment – laptop and essential software provided

Benefits

  • sharing the costs of sports activities
  • private medical care
  • sharing the costs of professional training & courses
  • life insurance

Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.

Mindbox Sp. z o.o.

At Mindbox, we connect top IT talents with technology projects for leading enterprises across Europe.

Our focus is on matching your skills with work that matters – projects that use modern tech stacks, solve real business challenges, and give you space to grow. By joining us, you’ll deliver technology solutions for well-known brands, supported by the Mindbox team that values knowledge-sharing and continuous development. We make sure you have the tools, flexibility, and guidance to do your best work – and to keep moving forward in your career.

  • Praca Kraków

    • Kraków - Oferty pracy w okolicznych lokalizacjach

    Odpowiedz na ogłoszenie
    Praca Kraków - Ciekawe oferty pracy w okolicy:
    Network Engineer
    Senior Data Engineer (Databricks)
    DevOps Engineer
    Integration Software Engineer
    Ansible Engineer
    Senior GCP DevSecOps Engineer
    Senior Cloud Engineer
    DevSecOps Engineer
    AI Engineer (Python, LLMs)
    110 255
    16 425