Senior DevSecOps Engineer

Про позицію

Windmill is a boutique digital product delivery company. Our team of designers, strategists and engineers love to create great experiences. We design and develop delightful and functional digital products that solve tough problems and enable new opportunities for enterprises in complex industries, such as banking & finance, healthcare and compliance.

Обовʼязки20

• Design, implement, and maintain secure and compliant CI/CD pipelines that underpin the release process for both application and ML workloads.
• Integrate DevSecOps best practices into MLOps pipelines, ensuring model code, data, and infrastructure meet strict security and compliance standards.
• Introduce security and quality checkpoints (SAST, DAST, RASP) into all stages of the software and ML model deployment pipelines.
• Leverage Microsoft Azure services (including Azure Pipelines) to deliver automated, scalable, and resilient cloud environments.
• Implement Infrastructure as Code (IaC) using Terraform or Pulumi for consistent, repeatable deployments.
• Facilitate multi-cloud readiness (AWS/GCP) when required, ensuring flexibility and vendor neutrality.
• Integrate and configure best-in-class security scanning and vulnerability management tools (e.g., SonarQube, Snyk, Trivy) throughout the CI/CD lifecycle.
• Ensure compliance with SOC 2 and/or ISO 27001 standards, working closely with compliance teams and continually refining governance policies.
• Leverage GRC tools (e.g., Vanta) to streamline compliance tracking and reporting.
• Conduct regular security assessments, audits, and incident response simulations.
• Deploy and manage monitoring and observability solutions using DataDog, ELK stack, Prometheus, or similar tooling.
• Establish robust alerting, dashboards, and logging pipelines to provide actionable insights into system performance, reliability, and security posture.
• Configure and maintain Jenkins pipelines, BitBucket (Git) repositories, and implement GitFlow branching strategies for streamlined code management.
• Utilize the Atlassian suite (JIRA, Confluence) for integrated project tracking and documentation.
• Integrate AI/ML frameworks (e.g., TensorFlow, PyTorch, scikit-learn) into automated training, testing, and deployment pipelines for ML models.
• Develop automation scripts in Python, as well as Unix shell scripts and PowerShell, to streamline operational tasks, data processing, and environment provisioning.
• Strong understanding of networking concepts and architecture, ensuring secure, high-performance connectivity across environments.
• Competently manage and resolve major incidents, ensuring minimal downtime and excellent customer communication.
• Collaborate with cross-functional teams—including developers, ML engineers, security analysts, and compliance officers—to ensure integrated, holistic solutions.
• Mentor junior team members in DevSecOps, MLOps best practices, security integrations, and cloud infrastructures.

Вимоги12

• Bachelor’s degree in Computer Science, Information Technology, or related field.
• 10+ years of experience in DevOps/DevSecOps roles, with at least 2+ years focusing on MLOps or ML-centric pipelines.
• Advanced knowledge of Azure (Azure DevOps, Azure Pipelines, AKS, Azure Machine Learning, etc.).
• Proven expertise in IaC (Terraform or Pulumi) and cloud-based CI/CD workflows.
• Proficient in Python, Bash, and PowerShell scripting.
• Familiarity with AI/ML frameworks and data engineering best practices; exposure to GenAI/LLMs is a plus.
• Experience with security scanning tools (SonarQube, Snyk, Trivy), CI/CD platforms (Jenkins), version control (BitBucket, Git), GitFlow workflows, and Atlassian suite (JIRA, Confluence).
• Experience in observability and monitoring tools (DataDog, ELK, Prometheus).
• Strong understanding of networking concepts, design, and troubleshooting.
• Proven track record working within SOC 2 or ISO 27001 environments.
• Familiarity with GRC tools (e.g., Vanta) a plus.
• Strong understanding of compliance frameworks, risk management, and best-in-class security practices.

Переваги5

• Competitive compensation and benefits package.
• Opportunities for professional growth, training, and certifications.
• A dynamic environment where innovation, security, operational excellence, and cutting-edge ML technologies are highly valued.
• Flexible working practices
• Friendly environment