Senior DevSecOps Engineer

About the Role

We are looking for a Senior Dev Sec Ops  Engineer to integrate and operate security controls across our SDLC. As part of the Application Security team, you will embed SAST and SCA tooling in CI/CD pipelines, build dedicated security pipelines, and configure repository policies and curation to reduce supply-chain risk. You will partner with different stakeholders to triage findings, guide remediation, and make secure-by-default practices the path of least resistance.

• Integrate and manage security tooling in CI/CD: SAST, SCA, secrets scanning, and container image scanning. Design and maintain automated workflows and gates across pull requests, merges, and releases
• Build and optimize security pipelines and reusable templates in Azure Dev Ops, Jenkins, Git Lab CI/CD, and Team City. Implement risk-based thresholds aligned with product teams and tune for signal over noise
• Collaborate with Application Security and Development to triage findings, provide actionable fix guidance, track remediation, and prevent recurrence through guardrails and standards
• Configure and maintain repository policies and curation in package repositories for NuGet, npm, and similar
• Monitor and analyze scanning results across environments. Create concise dashboards and metrics to show coverage, trends, and risk reduction, and refine rules to reduce false positives
• Enhance CI/CD pipelines with secure-by-default configurations. Improve developer experience through documentation, reusable patterns and enablement sessions
• Support audit preparation, evidence collection, and compliance activities tied to the software delivery process

• Experience in Dev Ops, SRE, or Infrastructure Engineering with hands-on CI/CD integration
• Strong understanding of SSDLC and Dev Sec Ops , including risk-based gates and remediation workflows
• Hands-on experience with CI/CD platforms (Azure Dev Ops, Jenkins, Git Lab CI/CD, Team City) and pipeline-as-code (YAML)
• Experience integrating and tuning security tools (SAST, SCA); familiarity with secrets and container image scanning
• Knowledge of artifact repositories, dependency management, and vulnerability/license scanning with policy configuration
• Solid Linux and Windows skills: CLI usage, log analysis, basic networking, and build/container troubleshooting
• Experience with automation and configuration management (Ansible, Helm) and containers/orchestration (Docker, Kubernetes)
• Exposure to Infrastructure as Code (Terraform, Cloud Formation, Bicep) and embedding security checks in IaC pipelines
• Basic understanding of application and network security concepts in automated pipelines
• Familiarity with monitoring/observability tools for troubleshooting CI/CD and security jobs

• Scripting in Python, Power Shell, or Bash
• Familiarity with compliance frameworks; SBOM experience

• 26 paid days off annually, plus 4 extra global Veea Me Days for self-care and 24 paid volunteer hours annually through Veeam Cares
• Paid parental, maternity, and paternity leave
• Fully covered family medical plan, dental, rehab, and vaccinations
• Life, critical illness, and disability insurance
• Employer pension contribution via PPK
• Monthly Edenred allowance of 450 PLN for meals
• Multi Sport card fully covered by Veeam, giving access to sports facilities nationwide
• Up to 12 free therapy sessions annually, plus legal and financial advice
• Opportunities to learn and grow through on-demand libraries (Linked In Learning, O’Reilly), mentoring, workshops and learning events like our annual Global Day of Learning

Please note: If the applicant is permanently present outside of Poland, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in Poland.

#LI-AR1
#Remote

Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.

The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes.

By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.

By submitting your application, you acknowledge that the information provided in your job application and any supporting documents is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification of information may result in disqualification from consideration for employment or, if discovered after employment begins, termination of employment.