CI/CD Engineering – Security & Compliance (DevSecOps / Platform Engineering)

Role

CI/CD Engineering – Security \& Compliance (DevSecOps / Platform Engineering)

We are supporting a major energy\-sector digital platform initiative focused on enabling engineering and operations teams through a secure, cloud\-native internal developer platform.

We are currently looking for a Senior DevSecOps / Platform Engineer to help design, implement, and operate secure CI/CD and Kubernetes\-based platform services, ensuring compliance, scalability, automation, and operational resilience across the organization’s engineering ecosystem.

About the Role

In this position, you will play a key role in the Platform Engineering and DevSecOps domain, working closely with Engineering, Operations, and Product teams to deliver secure and scalable CI/CD solutions.

You will contribute to the design and operation of cloud\-native infrastructure, security tooling, GitOps workflows, observability platforms, and vulnerability management processes, while supporting software supply chain security and compliance initiatives.

The role combines hands\-on technical implementation with platform reliability, automation, governance, and developer enablement responsibilities.

Responsibilities

• Design, implement, and maintain secure DevOps and CI/CD solutions ensuring integrity, confidentiality, and availability of systems and data


• Develop and configure CI/CD pipelines with integrated security scanning and compliance validation


• Implement secure configurations, access controls, encryption mechanisms, and security best practices across repositories, systems, and deployment pipelines


• Automate infrastructure provisioning and management using Infrastructure\-as\-Code tools such as Terraform, OpenTofu, and Ansible


• Design and operate Kubernetes\-based platforms and containerized environments with a strong focus on security, scalability, and operational reliability


• Implement and maintain GitOps workflows using tools such as ArgoCD and FluxCD


• Operate and optimize GitLab environments, including CI workloads, governance, access control, and high\-availability architectures


• Integrate and expose security tooling to development teams through self\-service workflows and CI/CD integration


• Support vulnerability management and security hardening activities, including patching, dependency management, remediation tracking, and secure baseline enforcement


• Implement and maintain software supply chain security practices including SBOM generation, dependency tracking, artifact signing, provenance, and compliance validation


• Integrate security tooling such as Trivy, Dependency\-Track, and DefectDojo into development and deployment workflows


• Build and maintain observability platforms using Prometheus, Grafana, Loki, OpenTelemetry, and related tooling


• Monitor platform reliability, availability, logs, metrics, traces, and incident response activities


• Conduct risk assessments, threat modelling, audits, and compliance reviews


• Collaborate with development, operations, and security stakeholders to support platform evolution and operational excellence


• Produce and maintain technical documentation, architecture diagrams, operational procedures, FAQs, and knowledge base content


• Support disaster recovery planning, backup strategies, and operational continuity initiatives


• Contribute to the continuous improvement of developer experience and platform self\-service capabilities

Education

• Bachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, or equivalent experience

• Strong experience designing and implementing DevSecOps and CI/CD solutions in enterprise environments


• Proven experience embedding security controls into CI/CD pipelines and platform layers


• Strong hands\-on experience operating large\-scale Kubernetes environments


• Deep understanding of Kubernetes internals including networking, RBAC, admission controllers, storage, scheduling, and API extensions


• Experience implementing container and runtime security in Kubernetes environments


• Strong experience with GitOps workflows using ArgoCD and/or FluxCD


• Strong hands\-on experience with Infrastructure\-as\-Code using Terraform or OpenTofu


• Experience integrating security controls and compliance validation into CI/CD workflows


• Experience operating GitLab in large\-scale enterprise environments


• Strong experience managing CI/CD workloads and platform reliability


• Experience with software supply chain security concepts including SBOMs, artifact signing, dependency tracking, attestations, and provenance


• Hands\-on experience with security tooling such as Trivy, Dependency\-Track, DefectDojo, or similar solutions


• Experience supporting vulnerability management, remediation, and security hardening initiatives


• Strong understanding of cloud and network security principles including segmentation, firewalls, VPNs, and secure communication


• Strong knowledge of encryption, PKI, certificates, and secure communication flows


• Experience working in compliance\-driven or regulated environments


• Experience supporting audits and security policy reviews


• Strong collaboration and stakeholder management skills within cross\-functional technical environments

• Kubernetes (GKE preferred)


• GitLab CI/CD


• ArgoCD / FluxCD


• Terraform / OpenTofu


• Docker \& container ecosystems


• Harbor registry


• Trivy, Dependency\-Track, DefectDojo


• Prometheus, Grafana, Loki, OpenTelemetry


• GCP / GKE / IAM / Networking


• Infrastructure automation and platform engineering


• Observability and monitoring platforms


• Security hardening and vulnerability management


• CI/CD pipeline automation


• Documentation and technical governance


• PostgreSQL, Jira, TestRail

• Experience operating platforms in regulated or critical infrastructure environments


• Experience with policy\-as\-code frameworks such as Kyverno


• Experience with secrets management solutions such as HashiCorp Vault


• Familiarity with progressive delivery approaches such as Argo Rollouts


• Experience with multi\-cloud or hybrid cloud environments


• Familiarity with Software Composition Analysis (SCA) tools and practices


• Experience with SAST solutions and secure development lifecycle practices


• Experience balancing cloud scalability, operational efficiency, and security requirements

• Fluent English (mandatory – B2 minimum)


• German is a plus

• Brussels

• Hybrid \- Full\-time

Cette annonce provient de indeed. Voir l'annonce originale ↗