- Collaborate with the Security Architect to drive the Security Architecture & Solutions for our core digital portfolio and future digital products
- Automate repetitive tasks and implement secure CI/CD pipelines, enhancing productivity and reducing errors
- Own the implementation and continuous improvement of security tooling across various areas including static/dynamic analysis, dependency scanning, and secrets detection
- Implement appropriate technical and organizational security controls to mitigate identified risks, with a focus on automating these measures wherever possible
- Promote and facilitate Security-By-Design principles across the development team, bridging the gap between operations and security
- Implement Infrastructure as Code (IaC) security measures, protecting integral aspects of our infrastructure and ensuring secure deployments
- Embed security within the DevOps lifecycle, including the design and execution of signed image verification systems to ensure the authenticity and integrity of images
- Conduct ongoing security training for the development team to ensure awareness and compliance
- Security-focused or Computer Science university degree (Bachelors) OR equivalent experience
- 5+ years' experience in DevOps, with significant exposure to security aspects
- Proficiency in one or more programming languages, predominantly used in DevOps like Python, Ruby, or Go
- Practical experience with CI/CD pipelines and tools such as Jenkins, and AWS CodePipeline
- Experience with container orchestration tools like Kubernetes and Docker, and cloud environments such as AWS, Azure, or Google Cloud
- Relevant certifications such as AWS/Azure Certified DevOps Engineer, or similar qualifications are considered an advantage
- Experience with medical security governance and IT general control frameworks such as DSOMM, HIPPA, ISO , NIST CSF, NIST -53, MDR (EU), etc., is a huge advantage
- Deep understanding of secure Infrastructure as Code (IaC) strategies and signed image verification practices
- Experience in using Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools for code analysis
- Security Knowledge: Solid understanding of network access, identity, access management, applied cryptography, network security methodologies, and secure software development methodologies
- Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
- Agile mindset, Continuous Quality and Process Improvement
- Deep expertise with more than one of the following area: API security DevSecOps practices Identity and Access Management Compliance & regulations for medical devices Cloud Security Architecture & Controls Security Architecture & Models in Healthcare Zero trust & Defense in depth principles Network security Infrastructure and application security assessment Vulnerability management Application Security IoT Security architecture CI/CD tooling (SAST, DAST, SCA, Secret Scanner. Secure Gates, Image Signed, etc) Threat Modeling and Secure-by-Design Security Operations
- 30 days holiday per annum
- Company Pension Scheme
- Competitive compensation depending on experience and skills
- Regular performance assessments
- Fitness-First Black Membership
- bitkom - Corporate Benefits
- EPAM Employee Stock Purchase Plan (ESPP)
- Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more
- Friendly and enjoyable working team
- Regular corporate and social events
- Flexible and remote working opportunities
- Certain benefits and perks may be subject to eligibility requirements
- EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential
- Work across markets and verticals and gain exposure to a great variety of projects and cutting-edge technologies
- Become part of a global community of well-connected experts across 50+ countries: enjoy a career without borders within an international environment
- Carve your career path: as the Fastest-Growing IT Services Company in the Fortune List, EPAM is committed to help you discover your fullest potential by creating career plans that best suit you and your future plans
- EPAM Germany was named a Top Company , & by Kununu for its people centric culture built on life-long learning
-
Working Student for Development of Ai Driven
vor 1 Woche
Daimler Truck AG Leinfelden-Echterdingen, DeutschlandTasks · Shape the future of commercial transportation with us · Truck Connectivity is looking to hire You, a working student who wants to build a MS Copilot Chatbot for our large-scale connectivity platform.Our vision is to create the future Connectivity Experience for Daimler Tr ...
-
Cloud-Lösungsingenieur - Santander Digital Services
vor 2 Wochen
Proxima Dynamics Pforzheim, Deutschland**Cloud Solution Engineer - Santander Digital Services** · Land: Spanien · **Hallo Willkommen an dem Ort, der für die Entwicklung von Technologien verantwortlich ist, die das Leben von 160 Millionen Kunden auf der ganzen Welt verbessern** · Sind Sie bereit, Ihre berufliche Karrie ...
-
Product Owner
vor 6 Tagen
Experian Heilbronn, DeutschlandUnternehmensbeschreibung · **Dicover the Unexpected and Explore Technological Frontiers** · At Experian, we navigate the frontiers of technological advancement, embodying "The Five Pillars of Engineering Excellence". Our mission is to deliver transformative products, accelerate i ...
-
Sustainability Project Engineer
vor 16 Stunden
Nexontis Württemberg, DeutschlandWith our high-end SAP solutions for Performance Management, Sustainability and Accounting, we enable our customers around the world to operate profitably, adapt continuously, and make a difference. · Nexontis is an IT solutions and consulting company specializing in providing ac ...
-
Daimler Truck AG Leinfelden-Echterdingen, Deutschland NebenberuflichAbout us · At Daimler Truck we want to make a change, to create real impact together. That is why we take responsibility around the globe and work as one global team towards our vision: Leading Sustainable Transportation. It's people who make the difference and drive success. Tog ...
DevSecOps Engineer - Stuttgart, Deutschland - Epam
Beschreibung
Description
About the role
EPAM is looking for a dedicated DevSecOps Engineer to automate and optimize our development processes and ensure secure CI/CD pipelines. Working closely with our Security Architect, your main responsibility would be to reinforce our security posture across our development teams and digital portfolio.At EPAM, you will work with the most recent advancements in tech, ensuring that our innovative solutions stay at the cutting edge of technology trends while also being safe and reliable. Our DevSecOps team is composed of globally recognized experts who take pride in driving real impact in the tech security domain.
We value flexibility and offer a modern approach to work with a hybrid model. You can enjoy the privilege of working from home, backed by occasional visits to client sites or our office. This is an exceptional opportunity to lead and learn, while shaping the future of secure technology deployment.
Responsibilities
Requirements
We Offer
About EPAM
Why join EPAM
