Engenheiro | DevSecOps

Company Description

We are an Engineering and Product Development Center that designs, develops and produces new technologies, products and services for a more sustainable society.

We work to bridge the gap between cities, industry and universities around major development and industrialization programs for products and services, from Portugal, in high-tech sectors such as mobility, aeronautics and space.

Job Description

We are seeking a curious DevSecOps Engineer to join our growing team.

As a DevSecOps Engineer, you will be responsible for integrating security practices into our development and operational workflows.

Your role is critical to enforce the alignment between development, security, and operations, ensuring our applications and infrastructure are scalable, resilient and above all, secured from day one. Key responsabilities are:
 

• Secure CI/CD Pipelines: Integrate security tools and practices into CI/CD pipelines (e.g., static code analysis, vulnerability scanning, secrets detection);
• Automation & Infrastructure as Code (IaC): Implement and maintain secure IaC using tools like Terraform, CloudFormation, Ansible or similars;
• Cloud Security: Implement cloud-native (AWS, Azure, GCP) security solutions and controls;
• Incident Response: Participate in the incident response and post-mortem analysis, ensuring the rapid restoration of the solutions;
• Tooling & Monitoring: Deploy and manage security tools (e.g., using tools like Snyk, Aqua, Prisma Cloud, Falco, HashiCorp Vault or similars) for runtime protection and monitoring;
• Collaboration: Partner with development, operations, and security teams to foster a DevSecOps culture and champion security best practices across the organization.

Qualifications

• Academic background in Computer Engineering, Software Engineering and similar areas;
• At least 2 years of experience in DevOps, Security Engineering, or Site Reliability Engineering;
• Understanding of DevOps practices and CI/CD tools (e.g., using tools like GitLab CI/CD, Jenkins, GitHub Actions or similars);
• Proficiency in at least one scripting language (e.g., using tools like Python, Bash, Go or similars);
• Experience with containers and orchestration (e.g., using tools like Docker, Kubernetes or similars);
• Knowledge of secure coding principles, vulnerability management, and application security;
• Hands-on experience with cloud platforms (AWS, Azure, or GCP);
• Strong collaboration skills to work effectively with all teams;
• Clear and concise communication with both technical and non-technical stakeholders;
• Proactive and self-driven mindset with the ability to identify and resolve issues before they escalate;
• Pasion for problem-solving and a structured approach to quickly restore solutions;
• Adaptability and resilience in a fast-paced, constantly evolving technical environment;
• Commitment to continuous learning and staying up-to-date emerging technologies;
• Empathy and business awareness, balancing security needs with organizational goals.

Additional Information

• Dynamic, multidisciplinary team and a positive, relaxed work environment;

• We facilitate and promote a balanced and healthy lifestyle, integrating work with personal life;

• We offer Health Insurance for employees;

• Partnerships with gyms, a nutritionist, and other benefits;

• Up to three additional vacation days;

• Day off on your birthday.