CI/CD Engineering - Security & Compliance (DevSecOps / Platform Engineering)

Bridge 351
Brussels, Belgium
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German
Experience level
Senior

Job location

Brussels, Belgium

Tech stack

Microsoft Windows
API
JIRA
Cloud Computing
Information Systems
Continuous Integration
DevOps
Disaster Recovery
Identity and Access Management
Virtual Private Networks (VPN)
Key Management
Network Security
PostgreSQL
Public Key Infrastructure
Role-Based Access Control
Ansible
Prometheus
Secure Coding
Systems Integration
Tripwire
Software Vulnerability Management
Policy as Code
Cloud Platform System
System Availability
Delivery Pipeline
Grafana
Multi-Cloud
HybridCloud
Firewalls (Computer Science)
Gitlab
Containerization
Gitlab-ci
Git Flow
Kubernetes
Infrastructure Automation Frameworks
Information Technology
Hashicorp
Terraform
Devsecops
Docker
Testrail
Static Application Security Testing
Vulnerability Analysis

Job description

** Role**

CI/CD Engineering -- Security & Compliance (DevSecOps / Platform Engineering)

We are supporting a major energy-sector digital platform initiative focused on enabling engineering and operations teams through a secure, cloud-native internal developer platform.

We are currently looking for a Senior DevSecOps / Platform Engineer to help design, implement, and operate secure CI/CD and Kubernetes-based platform services, ensuring compliance, scalability, automation, and operational resilience across the organization's engineering ecosystem.

** About the Role**

In this position, you will play a key role in the Platform Engineering and DevSecOps domain, working closely with Engineering, Operations, and Product teams to deliver secure and scalable CI/CD solutions.

You will contribute to the design and operation of cloud-native infrastructure, security tooling, GitOps workflows, observability platforms, and vulnerability management processes, while supporting software supply chain security and compliance initiatives.

The role combines hands-on technical implementation with platform reliability, automation, governance, and developer enablement responsibilities.

** Responsibilities**

  • Design, implement, and maintain secure DevOps and CI/CD solutions ensuring integrity, confidentiality, and availability of systems and data

  • Develop and configure CI/CD pipelines with integrated security scanning and compliance validation

  • Implement secure configurations, access controls, encryption mechanisms, and security best practices across repositories, systems, and deployment pipelines

  • Automate infrastructure provisioning and management using Infrastructure-as-Code tools such as Terraform, OpenTofu, and Ansible

  • Design and operate Kubernetes-based platforms and containerized environments with a strong focus on security, scalability, and operational reliability

  • Implement and maintain GitOps workflows using tools such as ArgoCD and FluxCD

  • Operate and optimize GitLab environments, including CI workloads, governance, access control, and high-availability architectures

  • Integrate and expose security tooling to development teams through self-service workflows and CI/CD integration

  • Support vulnerability management and security hardening activities, including patching, dependency management, remediation tracking, and secure baseline enforcement

  • Implement and maintain software supply chain security practices including SBOM generation, dependency tracking, artifact signing, provenance, and compliance validation

  • Integrate security tooling such as Trivy, Dependency-Track, and DefectDojo into development and deployment workflows

  • Build and maintain observability platforms using Prometheus, Grafana, Loki, OpenTelemetry, and related tooling

  • Monitor platform reliability, availability, logs, metrics, traces, and incident response activities

  • Conduct risk assessments, threat modelling, audits, and compliance reviews

  • Collaborate with development, operations, and security stakeholders to support platform evolution and operational excellence

  • Produce and maintain technical documentation, architecture diagrams, operational procedures, FAQs, and knowledge base content

  • Support disaster recovery planning, backup strategies, and operational continuity initiatives

  • Contribute to the continuous improvement of developer experience and platform self-service capabilities

** Mandatory Requirements**

** Education**

  • Bachelor's or Master's degree in Computer Science, Engineering, Information Systems, or equivalent experience

** Professional Experience & Expertise**

  • Strong experience designing and implementing DevSecOps and CI/CD solutions in enterprise environments

  • Proven experience embedding security controls into CI/CD pipelines and platform layers

  • Strong hands-on experience operating large-scale Kubernetes environments

  • Deep understanding of Kubernetes internals including networking, RBAC, admission controllers, storage, scheduling, and API extensions

  • Experience implementing container and runtime security in Kubernetes environments

  • Strong experience with GitOps workflows using ArgoCD and/or FluxCD

  • Strong hands-on experience with Infrastructure-as-Code using Terraform or OpenTofu

  • Experience integrating security controls and compliance validation into CI/CD workflows

  • Experience operating GitLab in large-scale enterprise environments

  • Strong experience managing CI/CD workloads and platform reliability

  • Experience with software supply chain security concepts including SBOMs, artifact signing, dependency tracking, attestations, and provenance

  • Hands-on experience with security tooling such as Trivy, Dependency-Track, DefectDojo, or similar solutions

  • Experience supporting vulnerability management, remediation, and security hardening initiatives

  • Strong understanding of cloud and network security principles including segmentation, firewalls, VPNs, and secure communication

  • Strong knowledge of encryption, PKI, certificates, and secure communication flows

  • Experience working in compliance-driven or regulated environments

  • Experience supporting audits and security policy reviews

  • Strong collaboration and stakeholder management skills within cross-functional technical environments

Technical Knowledge & Skills

  • Kubernetes (GKE preferred)

  • GitLab CI/CD

  • ArgoCD / FluxCD

  • Terraform / OpenTofu

  • Docker & container ecosystems

  • Harbor registry

  • Trivy, Dependency-Track, DefectDojo

  • Prometheus, Grafana, Loki, OpenTelemetry

  • GCP / GKE / IAM / Networking

  • Infrastructure automation and platform engineering

  • Observability and monitoring platforms

  • Security hardening and vulnerability management

  • CI/CD pipeline automation

  • Documentation and technical governance

  • PostgreSQL, Jira, TestRail

** Nice to Have**

  • Experience operating platforms in regulated or critical infrastructure environments

  • Experience with policy-as-code frameworks such as Kyverno

  • Experience with secrets management solutions such as HashiCorp Vault

  • Familiarity with progressive delivery approaches such as Argo Rollouts

  • Experience with multi-cloud or hybrid cloud environments

  • Familiarity with Software Composition Analysis (SCA) tools and practices

  • Experience with SAST solutions and secure development lifecycle practices

  • Experience balancing cloud scalability, operational efficiency, and security requirements

** Languages**

  • Fluent English (mandatory -- B2 minimum)

  • German is a plus

** Location**

  • Brussels

** Work Model**

  • Hybrid - Full-time

Requirements

PostgreSQL, Windows, Engineering, Security

Apply for this position