Key skills
AzureCyber SecurityGradleJavaJavaScriptMavenPythonSDLCTypeScriptGitHub ActionsAzure DevOpsnpmpipGitHubGitLabCI/CD
About this role
Role Overview
- Strengthen and embed security within the bank by integrating security deeply into development practices and engineering workflows
- Provide hands-on DevSecOps expertise and guidance on application security topics such as SCA, SAST, secret scanning, and secure coding practices
- Design, implement, and improve security controls within CI/CD pipelines and developer workflows
- Develop, customize, and maintain security tooling to fit the needs of engineering teams and enhance automation and developer experience
- Translate central security standards into automated controls, policies and developer-friendly guardrails
- Support squads in integrating security testing and validation into their development lifecycle
- Collaborate with platform teams to embed security capabilities into shared services and tooling
- Improve security visibility by implementing metrics, dashboards, and reporting within CI/CD ecosystems
- Act as a mentor and point of contact for less experienced colleagues in DevSecOps and application security
Requirements
- Bachelor’s degree in Computer Science, Cyber Security, Software Engineering, or related field
- Relevant DevSecOps or security certifications (e.g., CDP, CDE, CSSLP, or similar)
- Minimum of 5–8 years of experience in software engineering, DevOps, or DevSecOps roles
- Strong programming skills and ability to read and write code in multiple languages (e.g., Python, Java, TypeScript/JavaScript)
- Experience with various package managers and ecosystems (e.g., Maven, Gradle, npm, pip)
- Strong expertise in CI/CD tooling and pipeline design (Azure DevOps, Gitlab, Github Actions)
- Hands-on experience with application security practices, including SCA, SAST, secret scanning, and secure coding practices
- Familiarity with secure SDLC practices and integrating security controls into development pipelines
- Ability to communicate effectively with developers and influence secure coding practices
- Working together as a team across multiple platform teams, various security teams and the CISO organization.
Tech Stack
- Azure
- Cyber Security
- Gradle
- Java
- JavaScript
- Maven
- Python
- SDLC
- TypeScript
Benefits
- Thirteenth month's salary and 8% holiday allowance
- 10% Employee Benefit Budget
- EUR 1,400 development budget per year
- Hybrid working: balance between home and office work
- A pension, for which you can set the maximum amount of your personal contribution