DevSecOps Engineer, MODUS X

Join MODUS X, a Ukrainian IT company with a team of over 650 experienced professionals, focusing on digital transformation and cybersecurity solutions. We are searching for a SecOps engineer responsible for integrating security into the development and implementation of IT solutions, ensuring compliance with security standards and managing access control.

• Integrate security into CI/CD processes
• Analyze vulnerabilities by automating code, container, dependency, and infrastructure scans
• Manage secrets and secure storage of keys, tokens, and passwords
• Implement least privilege and Zero Trust access controls
• Monitor and respond to incidents in Dev/Test/Prod environments
• Develop and automate security policies for infrastructure and code
• Educate the team on secure coding practices
• Ensure compliance with NIST, ISO 27001, NIS2 standards

• Experience in building and developing DevSecOps engineering practices and implementing them in pipelines as Security Gates
• Experience deploying and applying secure development tools (SAST, DAST, SCA, ASOC, Container/Kubernetes Security)
• Experience designing information systems and secure development systems
• Understanding attack scenarios based on MITRE ATT&CK tactics and techniques
• Practical experience with OWASP Security Standards, CIS Controls, NIST Cybersecurity Framework, SANS best practices
• Understanding Shift-Left, ZeroTrust, SSDLC concepts
• Knowledge of vulnerabilities from OWASP Top-10 (web/mobile/api) and mitigation strategies
• Experience triaging vulnerabilities in programming languages (minimally: Python, Java, JS, PHP, .NET)
• Experience supporting projects using Azure, AWS, K8s
• Experience with security tools in cloud services (Azure Security Center, Azure Defender, Azure Policy; AWS GuardDuty, CloudTrail; GCP)
• Experience with key vaults, HashiCorp Vault, BYOK
• Knowledge of modern authentication/authorization methodologies (OAuth 2.0, OIDC, JWT)
• Experience with CI/CD tools (Azure DevOps, GitLab, Ansible, Terraform)
• Experience with COT systems, project administration, and repository management (AzDO, Git, Confluence, Jira)

• Official employment
• Competitive salary and social guarantees
• Corporate medical insurance and psychological support program
• Work in the innovative Unit City park or remotely
• Training and professional development opportunities (online courses, workshops, professional communities)