DevSecOps Engineer in Fintech
ID: 71637_SSF
Rate: up to 365,000 RUB net.
Location: Russia (remote, UTC+3 time zone)
Citizenship: RF and friendly countries.
Format: Remote.
Term: 6 months with a high possibility of extension up to a year (large tender).
We are looking for a Middle+/Senior DevSecOps engineer for a financial company within the top-10 banks of the Russian Federation. The task is to seamlessly integrate security into development processes without compromising release speed. Ideally, you are equally proficient in the classic DevOps stack (K8s, Terraform, Ansible) and in vulnerability analysis tools and the Policy as Code concept.
Responsibilities:
- Design and develop secure CI/CD pipelines, automate security checks (SAST, DAST, SCA, secrets scanning).
- Ensure infrastructure and IaC security: automate hardening, configuration control, and implement Policy as Code.
- Vulnerability management: configure scanning of containers, execution environments, and dependencies, coordinate their remediation.
- Implement and maintain secret management systems, access control, rotation, and data protection.
- Configure security monitoring and telemetry, participate in incident analysis and investigation.
- Ensure Software Supply Chain Security and artifact integrity control.
- Automate data collection for compliance checks and audits.
Our expectations:
- Over 3 years of experience in DevOps / SRE with a focus on implementing security practices.
- Understanding of SDLC / SSDLC processes, Agile/Scrum methodologies, and secure development principles.
- Proficient in IaC and orchestration: Terraform/OpenTofu, Ansible, Kubernetes, Helm, Istio.
- Automation skills in Python, Go, or Bash.
- Understanding of network security: TLS/mTLS, WAF, Network Policies, Service Mesh.
- Experience with hybrid infrastructure (cloud + on-prem).
- Proficiency in relevant stack: GitLab CI, Jenkins, Docker, Vault, OPA, Falco.
- Ability to balance security and delivery speed, argue for solutions, and mentor development teams.
