We are looking for a Lead SecOps Engineer to join a team building security solutions that help organizations monitor, assess and improve the security posture of open-source software. The work focuses on a platform for unified visibility into open-source vulnerabilities and a solution that provides security ratings for open-source libraries, enabling better risk-based decisions across development teams.
Responsibilities
- Contribution to the development and enhancement of solutions for open-source vulnerability monitoring and security rating
- Support and improvement of CI/CD pipelines and GitHub Actions–based workflows
- Application of DevSecOps and secure engineering practices throughout the software lifecycle
- Close collaboration with cross-functional teams to deliver scalable, reliable and secure solutions
- Active participation in the team through collaboration, knowledge sharing and support for overall product quality
Requirements
- 7+ years of experience in DevOps or Site Reliability Engineering
- Skills in DevSecOps orchestration, Secure Software Development Life Cycle and security-as-code
- Knowledge of Software Composition Analysis and OSS license compliance
- Understanding of CVSS scoring, exploitability analysis and vulnerability remediation strategies
- Hands-on experience securing GitHub Actions workflows and integrating security gates into CI/CD pipelines
- Expertise in CI/CD, Kubernetes and Security Hardening
- Proficiency in Security Testing Tools, Security Assessment and Vulnerability Management
- Strong communication, ownership mindset and ability to work effectively in a team environment
- English proficiency at B2 level or higher
Nice to have
- Familiarity with Google Cloud Platform
- Background in Open Source Software Development