We are seeking a Senior DevSecOps Engineer to join our core Shared Services Team.

You will play a key role in implementing secure software development lifecycle practices and leading security initiatives across development cycles. This position requires expertise in integrating automated security testing and managing infrastructure security in cloud environments. You will collaborate with cross-functional teams to enforce security standards and support incident response protocols.

Please note that this role involves working from the office in Gdansk or Krakow five (5) days a week.

Responsibilities

• Implement secure software development lifecycle processes including threat modeling and secure code reviews
• Integrate automated security testing tools such as SAST, DAST, dependency scanning, and vulnerability management into CI/CD pipelines
• Enforce least-privilege access controls, secure default configurations, and observability standards
• Manage infrastructure-as-code security using tools like Terraform, Helm, and Kubernetes
• Define and deploy centralized logging and alerting systems using platforms such as CloudTrail, ELK, and Splunk
• Establish incident response protocols and conduct post-release security monitoring
• Design and manage CI/CD pipelines following GitHub Flow to support reliable software delivery
• Implement infrastructure blueprints approved during project elaboration phases
• Ensure compliance with security best practices and industry standards across all systems
• Collaborate with development and operations teams to automate and streamline deployments
• Provide guidance on containerization and orchestration best practices
• Stay informed of emerging trends and technologies to continuously improve security and DevOps processes

Requirements

• Bachelors degree in computer science, engineering, or related field, or equivalent experience
• Over 10 years of experience in secure software development, DevSecOps, or cybersecurity engineering
• Hands-on experience with CI/CD pipelines and security tools such as SonarQube, Checkmarx, and Snyk
• Strong knowledge of cloud security principles with a preference for AWS environments
• Experience with container security and role-based access control (RBAC)
• Background in multi-tenant SaaS platforms and data isolation techniques
• Proficiency in programming languages such as Python and TypeScript
• Familiarity with secure development lifecycle frameworks like Microsoft SDL and OWASP
• Experience integrating security in AI-driven and AI-assisted architectures
• Excellent problem-solving abilities and attention to detail
• Strong communication and collaboration skills
• Proficiency in English at a professional working level

Nice to have

• Experience as a DevOps engineer focusing on GitHub Flow, AWS EKS, and Kubernetes
• Understanding of continuous integration and deployment automation tools
• Familiarity with containerization and orchestration technologies including Docker and Kubernetes
• Knowledge of cloud infrastructure services, particularly AWS offerings
• Some understanding of regulatory compliance frameworks such as SOC 2 and ISO 27001

We offer

• Engineering community of industry professionals
• Friendly team and enjoyable working environment
• Flexible schedule and opportunity to work remotely within Poland
• Chance to work abroad for up to 60 days annually
• Business-driven relocation opportunities
• Outstanding career roadmap
• Leadership development, career advising, soft skills, and well-being programs
• Unlimited access to LinkedIn Learning, Get Abstract, Cloud Guru
• Stable income (Employment Contract or B2B)
• Participation in the Employee Stock Purchase Plan
• Benefits package (health insurance, multisport, shopping vouchers)
• Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
• Referral bonuses
• Corporate, social and well-being events

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture.