Senior / Lead Security & DevSecOps Engineer – Cyber Resilience Act (CRA) Compliance

160 - 200 PLN/ godz.B2B (netto)

SeniorFull-time·B2B

#324241·Dodano 21 dni temu·26

Źródło: nofluffjobs.com

Tech Stack / Keywords

DevOpsSecurityDevSecOpsCC++CI/CD PipelinesGitHubGitLabGitHub ActionsAWSSASTSCASBOMVeracodeCodeSonarCI/CD AutomationCMakeMake

Experienced engineer with strong technical security expertise and DevOps / DevSecOps skills.
Proven experience working with security or product compliance regulations.
Ability to translate legal requirements into technical implementations.
Programming skills in C and C++.
Experience with DevOps / CI/CD pipelines (GitHub, GitLab, GitHub Actions, AWS).
Knowledge of security practices: application and product security, code analysis.
Familiarity with tools: SAST, SCA, SBOM generation, Veracode, CodeSonar, CI/CD automation.
Experience with build environments: CMake, Make, vendor-specific solutions, integration of security tools into custom pipelines.
Previous role in DevSecOps or similar security-focused engineering position.
Experience with embedded systems and long-lifecycle products.
Ability to operate at scale: multiple teams, repositories, and products.
Strong ownership mentality with end-to-end solution delivery.
High level of independence and decision-making authority.
Pragmatic approach balancing regulatory compliance, engineering efficiency, and scalability.
Ability to operate in heterogeneous, legacy environments with minimal standardization.

Design, implement, and maintain scalable security workflows across multiple products and repositories.
Translate legal and regulatory requirements (CRA) into actionable technical solutions.
Implement and scale DevSecOps practices, including SAST, SCA, and SBOM generation.
Integrate security tools (e.g., Veracode, CodeSonar) into CI/CD pipelines.
Build and maintain centralized vulnerability management systems, including vulnerability databases and waiver management.
Ensure full traceability for audits and consistent risk management practices.
Collaborate across multiple teams to ensure end-to-end ownership of security solutions.
Work in complex, heterogeneous, and legacy environments with limited automation.
Optionally contribute to AI-assisted vulnerability remediation workflows and semi-automated solutions.

SQUARE ONE RESOURCES sp. z o.o.

128 aktywnych ofert