DevOps Engineer III - DevSecOps

Passionate about learning new technologies and help build the technical strategy
3+ years of professional experience in DevOps practices and Cloud Computing technologies
Excellent knowledge of Version Control Tools and CI/CD Tools (Git, GitLab) and related concepts such as branching/versioning strategies etc.
Good knowledge of IAC and related technologies such as Terraform
Hands-on experience in developing CICD workflows/pipelines
Good knowledge of AWS Cloud Technologies (S3, EC2, Lambda)
Good knowledge of containerization technologies such as Docker and related orchestration frameworks such as Kubernetes
Good knowledge of Linux environments around system administration, networking, IAM, and basic troubleshooting skills.
Knowledge of troubleshooting distributed systems using observability and monitoring tools such as New Relic, Grafana, or OpenTelemetry stack
1+ years of professional experience in Cybersecurity practices with expertise in
Penetration testing and related frameworks
SAST, DAST, SCA, OSS concepts and associated tools
Security Compliance and Auditing knowledge is considered a plus: ISO 27001/27002, NIST 800-53, PCI DSS, CIS Critical Security Controls, etc
Understand the concepts, technologies, and hands-on experience in implementing Shift-Left-On-Security approaches in the SDLC
Hands-on experience in conducting a Threat Modeling exercise
Hands-on experience in Security Operations is considered a plus
Some key activities:
Conduct internal software security training.
Conduct and design Incremental Security tests.
Conduct platform security assessments and vulnerability patching
Perform Security code reviews
Verify reported vulnerabilities and exploits.
Evaluate Security Releases and generate reports.
Good understanding of the Software Development Life Cycle and its phases and how to implement a Shift-Left-On-Security Approach
Programming experience with any OOP/Scripting Language. Python, Bash, etc
Bachelor’s Degree in Systems Engineering, Computer Science, or a related field.
Great verbal and written communication skills is needed for team collaboration

Working with leadership, product management, and the Onapsis Engineering and Operations teams. You will evaluate, scoop, propose, and build features to fulfill business solution requirements to protect our customers and move our SDLC towards a more security-centric approach (Shift-Left-On-Security). Work collaboratively with a team of InfoSec and Platform Engineers, SREs, and product managers to iterate toward a secure product definition and realization. Additionally, you will be working integrated with our DevOps team to take the CICD frameworks, SDLC, and related tools to the next level of maturity in terms of security, technologies, and architecture design while advancing our quality engineering processes to deliver high-quality products and services.

What we offer:

A role in shaping the future of protecting the most critical applications that run the world's business and a career that grows as the company grows.
A unique culture of high achievement and teamwork.
Supportive and humble colleagues are the space's top problem solvers and innovators.
Financial security through competitive compensation and incentives.

Employment: Please note that this is a full-time employee role. No B2B or SRLs will be accommodated.

Location: Onapsis has established a new development center in Bucharest. This is a hybrid role, so candidates must be commutable to Bucharest.

• Medical subscription
• Trainings
• Courses
• Extra days off
• Flexible work schedule
• Laptop
• Fun / Relax Area