DevSecOps Engineer

Position: DevSecOps Engineer (B2B / Freelancer Contract)

Engagement: NATO Project

Role Overview

We are recruiting on behalf of our client for an experienced DevSecOps Engineer to support a NATO engagement, focused on building, securing, and maintaining cloud-native infrastructure for mission-critical systems. This role involves designing, automating, and monitoring containerized workloads and CI/CD pipelines across hybrid and public cloud environments, ensuring operational resilience and compliance with NATO security standards.

The selected professional will play a central role in bridging development, operations, and cybersecurity, ensuring secure, scalable, and high-performance delivery pipelines. Working within an Agile/DevSecOps framework, you will collaborate with cross-functional teams to implement best practices for infrastructure automation, observability, and zero-trust compliance.

Key Responsibilities

• Deploy and operate containerized applications using orchestration frameworks such as Kubernetes, Docker, and OpenShift.

• Design, build, and maintain CI/CD pipelines with integrated automated testing and security validation.

• Implement and manage Infrastructure as Code (IaC) solutions using Terraform, Ansible, Helm, or Pulumi.

• Deploy and secure workloads across hybrid and public cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack).

• Apply site reliability engineering (SRE) and observability practices using tools such as Prometheus, Grafana, ELK/Loki, and OpenTelemetry.

• Support and optimize high-throughput, service-oriented architectures, ensuring scalability and fault tolerance.

• Work within Agile/DevSecOps delivery models (Scrum, SAFe, or Kanban) to continuously improve automation and security integration.

• Design and manage secure networking and service mesh frameworks (TLS, Istio, Linkerd, API gateways).

• Implement zero-trust principles and compliance automation using tools like OPA, Kyverno, and CIS benchmarks.

• Manage identity, secrets, and access policies using IAM tools such as Vault, AWS KMS, Azure Key Vault, and RBAC/ABAC.

• Automate compliance checks, vulnerability scanning, and artifact validation (SBOMs, dependency scanning).

• Contribute to building secure DevSecOps pipelines, integrating continuous delivery with continuous security validation.

• Collaborate with developers, architects, and cybersecurity teams to define, enforce, and optimize best practices.

Required Skills & Experience

• Minimum 4 years of hands-on experience with containerization and orchestration technologies (Docker, Kubernetes, OpenShift).

• Minimum 4 years of experience designing and maintaining CI/CD pipelines with automated testing and security integration.

• Strong experience with Infrastructure as Code (IaC) tools (Terraform, Ansible, Helm, Pulumi).

• Proven experience deploying and securing workloads in hybrid or public cloud infrastructures (AWS, Azure, GCP, VMware, OpenStack).

• Proficiency in monitoring, observability, and incident management using Prometheus, Grafana, ELK/Loki, and OpenTelemetry.

• Experience implementing SRE principles, focusing on reliability, scalability, and automation.

• Practical understanding of zero-trust architecture, policy enforcement, and compliance automation.

• Knowledge of secure networking, service meshes, and API gateways.

• Strong background in identity and access management, including secrets management and least-privilege enforcement.

• Hands-on experience with Agile and DevSecOps practices and collaborative team delivery.

• Language Requirement: High proficiency in English (C1 or higher) both written and spoken.

Preferred Qualifications

• Certifications in Kubernetes (CKA/CKAD/CKS), AWS/Azure/GCP, or DevOps/DevSecOps frameworks.

• Experience with automated compliance frameworks and security-as-code principles.

• Background in NATO, defense, or government projects with secure cloud environments.

• Experience integrating security scanning, artifact signing, or supply chain security into CI/CD pipelines.

• Familiarity with GitOps workflows and tools such as ArgoCD or Flux.

Contract Type

• Engagement Model: B2B / Freelancer

• Engagement Context: NATO project under secure DevSecOps and cloud automation standards.

• Language Requirement: English fluency at C1 level or higher is mandatory.