How about impacting lives by joining a company that drives innovative solutions and technological advancement in Brazil? If you share this purpose, check out our opportunity and join us: \#ComeWithUs \#BeAttus! **Before anything else, an important point:** Recognized by GPTW as one of the best companies to work for, Attus delivers intelligent solutions for judicial and advisory process management to State and Municipal Prosecutors’ Offices. **What are we looking for?** People who embody honesty, excellence, respect, and recognition of results—and who are ready to deliver their best every day, with ethics, innovation, and teamwork. **About the role** At Attus, well-structured data fuels strategic decisions. We’re seeking a DevOps Engineer with a strong focus on Security (DevSecOps), who works hands-on and with a systemic vision, contributing to hardening our platform without compromising delivery speed. More than just operating tools, we seek someone who understands that security is not a bottleneck—but an accelerator—and who thinks of security as an integral part of both product and operations, ensuring smooth deployments and protecting our ecosystem against threats. Join us in building the future of public law! **Does this opportunity resonate with you?** **Responsibilities and duties** Your challenge will be: DevSecOps Culture and Hardening: Integrate security across all stages of the software lifecycle (Shift Left). You’ll serve as the focal point for implementing SAST/DAST tools in GitLab and environment hardening. Orchestration and Deployment: Ensure continuous delivery (CI/CD) flows, managing deployments across Kubernetes clusters (OKE and On-Premise), with emphasis on zero downtime and safe rollback. Container and Infrastructure Security: Implement security policies for Docker and Kubernetes (Network Policies, RBAC, Pod Security Standards) and manage vulnerabilities in container images and packages. Observability and Response: Use the Prometheus, Grafana, and ELK stack to anticipate security and performance failures, creating intelligent alerts that distinguish noise from real incidents. Identity and Access Management: Administer access controls (IAM/Vault), enforcing the principle of least privilege both in cloud and legacy environments. Critical Operations and On-Call Duty: Participate in rotating on-call schedules—including weekends and holidays—to ensure availability of critical systems for the public sector during peak demand periods. Infrastructure as Code (IaC): Eliminate manual tasks using Terraform or Ansible, ensuring all infrastructure and security configurations are versioned and replicable. AI Applied to Security and Observability: Design and evolve AI/ML-based automations for log analysis, anomaly detection, and security event correlation (intelligent SIEM), reducing false positives and accelerating incident response in Kubernetes and hybrid environments. Security Orchestration, Automation, and Response (SOAR): Create automated playbooks for security incident response (e.g., IP blocking, access revocation, rollback of vulnerable deployments), integrating CI/CD pipelines, Kubernetes, and observability tools. **Does this make sense for you? Let’s see what you absolutely need to join this team!** **Requirements and qualifications** **The technical and behavioral requirements for this role are:** **Technical** Previous experience as a DevOps, SRE, or Infrastructure Analyst with a security focus. Advanced proficiency in Kubernetes (preferably OKE — Oracle Kubernetes Engine) and Docker container administration. Practical experience with GitLab CI/CD, including building and maintaining automation pipelines. Deep knowledge of monitoring and logging using Prometheus, Grafana, and the ELK stack (Elasticsearch, Logstash, Kibana). Experience with security tools (WAF, vulnerability scanners, secret management). Hands-on experience in Cloud and On-Premise environments, and networking concepts (VPN, Firewalls, Load Balancers). Availability for rotating on-call duty (weekends and holidays), with a resilient profile for crisis management. **What we value** Ownership: You don’t just “push code”—you feel personally accountable for the security and performance of production systems. Resilience and Calm Under Pressure: Ability to stay focused during critical incidents, prioritizing resolution and clear communication. Security Focus Without Bureaucracy: Seeking automated ways to ensure compliance without hindering the development team’s velocity. Technical Leadership and Collaboration: Willingness to share knowledge with the team and mentor peers on security best practices. **What could set you apart in our process** Security Certifications: CKS (Certified Kubernetes Security Specialist), Cloud Security (CCSP), or specific OCI (Oracle Cloud Infrastructure) certifications. Scanning and Analysis Tools: Experience with SAST/DAST and dependency analysis tools (e.g., Snyk, SonarQube, Trivy, or Aqua Security) integrated into GitLab pipelines. Secrets and Identity Management: Proficiency in solutions for key and secret management. Governance and Compliance: Practical knowledge of audit frameworks and internal controls—specifically SOC2 (Type I or II) or ISAE 3402—with focus on cloud service security and availability. **Do you identify with this? Apply now and unlock your potential too!** **Additional information** **Last but not least! Check out our (your potential) benefits...** 100% remote position. Eco-friendly welcome kit. Sustainable corporate culture. Ongoing campaigns. Composting incentive. Health insurance plan. Life insurance. Friendly and collaborative environment. Workplace gymnastics. FreeDay. Reading allowance. Meal voucher. Caju Card gift + birthday chat. Virtual social events. Off-moment. Continuous development. Innovation program. Education allowance. Dual screen. Discount partnerships (pharmacies/nutritionists and psychologists). Clude wellbeing app. Totalpass. Home office allowance. Graduation day off. Gift for new children of employees. Gift upon return from paternal leave. **Attus**, part of Eloware Group, offers a digital prosecution solution powered by **artificial intelligence**, supporting fiscal enforcement management, extrajudicial collections, judicial litigation, and advisory services. Combining expertise, **innovation, and technology**, Attus **simplifies** prosecutors’ activities securely, **boosts** their productivity, and **enhances** prosecution outcomes. Embedded in a strong culture of **innovation and humanization**, the company has been certified as a **great place to work** by Great Place to Work (GPTW). In 2024, it achieved an outstanding trust score of **95%**, reinforcing our care and commitment to our team members. **Join the Attus team!**