DevSecOps Engineer

Mindbox is a tech-driven company connecting top IT talents with technology projects for leading enterprises across Europe. The company focuses on consulting, engineering, and talent to build meaningful digital solutions.

• Minimum 7+ years in engineering roles, with 3+ years in DevSecOps or CI/CD platform engineering.
• Strong hands-on expertise with Jenkins Shared Libraries (Groovy).
• Advanced Python programming for automation, YAML/JSON parsing, and tooling development.
• Solid understanding of multi-language build pipelines: Java/Maven, Node/NPM, Python, with exposure to Helm, Terraform, and container image metadata handling.
• Deep knowledge of supply chain security standards (e.g., SLSA, SBOM via CycloneDX, artifact digests).
• Experience with static and container scanning tools: SonarQube, Sonatype IQ, SAST.
• Proven ability in build optimization techniques, caching, and dependency pruning.
• Compliance awareness and documentation discipline.

• Design, implement, and maintain Groovy-based Jenkins pipeline steps for build, test, packaging, scanning, and deployment.
• Extend and refine Python tooling for SLSA provenance, SBOM generation, hash/digest verification, and security scan aggregation (SonarQube, Sonatype IQ, SAST, container scans).
• Optimize pipeline performance through parallelization, caching, and smart dependency management.
• Ensure artifact integrity, reproducible builds, and accurate cryptographic mappings (SHA1/SHA256).
• Refactor legacy scripts for stability and compliance, apply standard templates, and eliminate global state issues.
• Define and document ci-config.yaml standards and enforce usage patterns.
• Mentor teams on DevSecOps best practices, supply chain security, and secure pipeline design.
• Troubleshoot and proactively prevent pipeline incidents across environments.

#LI- Hybrid – 6 days a month from the office in Kraków