IT Security Engineer DevSecOps - Senior DevOps Engineer

Company Description

Inetum Polska is part of the global Inetum Group and plays a key role in driving the digital transformation of businesses and public institutions. Operating in cities such as Warsaw, Poznan, Katowice, Lublin, Rzeszow the company offers a wide range of IT services. Inetum Polska actively supports employee development by fully funding training, certifications, and participation in technology conferences. Additionally, the company is involved in local social initiatives, such as charitable projects and promoting an active lifestyle. It prides itself on fostering a diverse and inclusive work environment, ensuring equal opportunities for all.

Globally, Inetum operates in 19 countries and employs over 28,000 professionals. The company focuses on four key areas:

• Consulting (Inetum Consulting): Strategic advisory services that help organizations define and implement innovative solutions.
• Infrastructure and Application Management (Inetum Technologies): Designing and managing IT systems tailored to clients’ individual needs.
• Software Implementation (Inetum Solutions): Deploying partner solutions from industry leaders like Microsoft, SAP, Salesforce, and ServiceNow.
• Custom Software Development (Inetum Software): Creating unique software solutions to meet specific client needs.

With strategic partnerships with major technology giants, including Microsoft, SAP, Salesforce, and ServiceNow, Inetum delivers advanced technological solutions tailored to customer requirements. In 2023, Inetum reported revenues of €2.5 billion, underscoring its strong position in the digital services market.

Inetum distinguishes itself by offering a comprehensive range of benefits that meet the diverse needs of employees, providing flexibility, support and commitment. Here's what makes working at Inetum unique:

Flexible and hybrid work:

• Flexible working hours.
• Hybrid work model, allowing employees to divide their time between home and modern offices in key Polish cities.

Attractive financial benefits:

• A cafeteria system that allows employees to personalize benefits by choosing from a variety of options.
• Generous referral bonuses, offering up to PLN6,000 for referring specialists.
• Additional revenue sharing opportunities for initiating partnerships with new clients.

Professional development and team support:

• Ongoing guidance from a dedicated Team Manager for each employee.
• Tailored technical mentoring from an assigned technical leader, depending on individual expertise and project needs.

Community and Well-Being:

• Dedicated team-building budget for online and on-site team events.
• Opportunities to participate in charitable initiatives and local sports programs.
• A supportive and inclusive work culture with an emphasis on diversity and mutual respect.

Job Description

As an Information Security Engineer in a DevSecOps environment, you will be responsible for designing the Secure Software Development Life Cycle (SSDLC), defining security requirements in CI/CD processes and supporting in securing the Kubernetes infrastructure. Your main tasks include:

• Establishing continuous security in all phases of the software development process (SSDLC).
• Holistic vulnerability management, including identification and remediation of security flaws in source code, dependencies and analysis of penetration test results.
• Development of technical security guidelines and processes.
• Monitoring security threats and trends and implementing proactive preventive measures.
• Support and advise teams and stakeholders on information security.
• Review and improve SSDLC processes.
• Liaising with the Security Operations Centre (SoC).
• Review and advise on security issues of Kubernetes clusters across the company.
• Ensuring NIS2 compliance and implementation.

Qualifications

• Highly motivated and self-motivated to implement security standards.
• Knowledge of recognised technical standards in the area of information security, best practices and current trends.
• Knowledge of cloud, container, network and encryption security.
• Experience with tools and technologies such as Kubernetes, Docker, Jenkins, Git, Terraform.
• Experience in XDR/SIEM/Log/Metrics/Traces monitoring and SoC collaboration.
• Familiarity with on-premises infrastructure and migration to public cloud (AWS, Azure).
• GIT in on-premises infrastructure, openness to change of approach.
• Exploring solutions towards AD/Zero Trust in a 5-6 year timeframe.
• Supporting teams in securing CI/CD pipelines.
• Collaborate on planning for transition to public cloud.

Additional Information

• Industry certifications such as CISSP, CCSP, CSSLP or comparable.
• Work is conducted in a hybrid system: 2 - 3 days a week from one of our office - Warsaw, Poznań or Lublin.