### Job description
We are looking for a DevSecOps Engineer to enhance security in CI/CD pipelines and automate vulnerability management.
### Responsibilities
- Integrate and develop security checks in CI/CD pipelines (SAST, SCA, secrets scanning, container scanning, IaC) and configure release blocking rules.
- Automate vulnerability control in services, libraries, and dependencies.
- Ensure the security of container infrastructure (Docker, Kubernetes).
- Implement and maintain secure secret management processes (Vault / cloud solutions).
- Check and enhance the security of infrastructure as code and configurations (IAM, service accounts, cloud).
- Automate checks for common vulnerabilities and attack patterns identified by AppSec.
- Configure security rules and policies affecting the release process.
- Optimize the pipeline for the speed and quality of security checks.
- Reduce manual checks through automation.
- Implement security requirements, including those formulated by AppSec, in CI/CD and infrastructure.
### Requirements
- 2+ years of DevSecOps experience.
- Practical experience with CI/CD (GitLab CI).
- Experience with Kubernetes and container infrastructure.
- Understanding of microservices architecture.
- Experience implementing security checks (SAST, SCA, secrets, containers, IaC).
- Understanding of common vulnerabilities (OWASP Top 10) and prevention methods.
- Ability to build processes, not just use tools.
- Experience interacting with development and balancing security and speed requirements.
### About Золотое Яблоко
Золотое Яблоко is a beauty retailer specializing in cosmetics, perfumes, and beauty products, operating physical stores and distribution centers. The company offers a wide range of positions from retail sales and warehouse operations to IT roles like developers and analysts, with presence in Russia, Kazakhstan, and Belarus.