Summary: Seeking a highly skilled engineer to integrate security into CI/CD pipelines, automate infrastructure hardening, and drive secure Cloud environments. Highlights: 1. Exposure to cutting-edge Cloud, AI, and Cybersecurity challenges 2. Clear career path to Security Architecture or Platform Engineering Leadership 3. Work with advanced tech stack for high-performing specialized engineers **Who We Are Looking For:** **The Architects of Secure Velocity** ----------------------------------------------------------------- You are a highly skilled engineer who sees security as a feature, not an afterthought. Your focus is on eliminating manual processes and hardening the infrastructure. * **You Are the Security Integrator:** You won't just audit code; you will embed security tools and practices *within* the CI/CD pipeline (SAST, DAST, IAST, image scanning). Your goal is to make security checks mandatory, automated, and invisible to the developers. * **Master of the Toolchain:** You're obsessed with Infrastructure as Code (IaC), automation, and building highly available, secure Cloud environments (AWS, Azure, or GCP). You know that the best defense is automation. * **Exponential Growth in Expertise:** This role offers direct exposure to cutting\-edge Cloud, AI, and Cybersecurity challenges. You will quickly become an expert in scalable, secure architectures, driving your career towards **Security Architecture** or **Platform Engineering Leadership**. **Your Mission:** **Build, Secure, and Automate** ------------------------------------------------- Your success is measured by the speed of deployment, the stability of the platform, and the absence of critical vulnerabilities. * **CI/CD Security Automation:** Design, implement, and maintain secure CI/CD pipelines (e.g., GitLab, Jenkins, GitHub Actions), focusing on integrating security tests early and often (*shift left*). * **Cloud Security Implementation:** Implement and enforce security controls, configurations, and hardening across our Cloud infrastructure using **IaC tools** (Terraform, CloudFormation). * **Incident Response and Monitoring:** Define and refine security monitoring, alerting, and automated incident response protocols (logging, SIEM integration). You are the first line of defense for the platform. * **Collaboration with Dev Teams:** Work alongside development teams to define secure coding standards, conduct security training, and evangelize DevSecOps best practices throughout the organization. **Who You Are:** **The Security\-First Automator** -------------------------------------------------- You are an engineer who views a slow or insecure process as an immediate problem to be solved with code. * **Deep Experience:** You have **2–5 years of experience** in DevOps, SRE, or specifically DevSecOps, with a strong background in Cloud platforms (AWS, Azure, or GCP). * **Tooling Ninja:** Expert proficiency with **IaC (Terraform)**, configuration management (Ansible/Puppet), containerization (Docker, Kubernetes), and modern CI/CD tools. * **Security Savvy:** Solid understanding of security fundamentals, including identity and access management (IAM), network security, encryption, and threat modeling. Certifications (e.g., AWS Security Specialist, CISSP, GCSA) are a major advantage. * **Automation Obsession:** You believe manual tasks are a risk. You are compelled to write code to solve operational and security challenges. **What We Offer** ----------------- A compensation and environment built for high\-performing, specialized engineers. * **Highly Competitive Salary:** 40K\-60K, with performance bonuses tied to platform security and availability metrics. * **Advanced Tech Stack:** Direct access to cutting\-edge tools and technologies (AI, advanced Cloud services, specialized security tools). You'll work with the best, to be the best. * **Strategic Hybrid Model:** Office in Milan (3 days) for deep, collaborative engineering sessions with the Platform and Product teams. 2 flexible days. * **Career Path to Security Architecture:** This role provides a clear track to becoming a **Principal Security Architect** or **Platform Engineering Leader**, defining the future technological roadmap of the company. **Selection Process:** **Engineering Rigor** -------------------------------------------- **We want to see your code, your secure thinking, and your automation philosophy.** * **Phase 1:** Screening Call (30 minutes) * **Phase 2:** Technical Deep Dive Interview (1 hour) – *Focus on IaC, CI/CD, and Cloud Security principles.* * **Phase 3:** Practical Coding/Design Challenge (Take\-home or collaborative session) – **Solve a real\-world DevSecOps scenario.** * **Phase 4:** Cultural \& Leadership Fit (30 minutes) Compensation Range: €40K \- €60K