About the role

DevSecOps Engineer working on CI/CD pipelines and cloud security for NordVPN. Creating automation tools and mentoring security team members in a hybrid work environment.

Responsibilities

Design, build, and maintain CI/CD pipelines. Integrate SAST, DAST, SCA, CS, secrets, and IaC scanning. Tune signal-to-noise ratio, set quality gates, and document workflows/processes;
Build, test, and maintain infrastructure and tools that allow for secure, agile software development and automated releases;
Develop scripts and security automation tools to enhance security testing processes;
Implement/automate container and cloud infrastructure security;
Strengthen software supply chain security: generate and manage SBOMs, improve dependency hygiene, enforce artifact signing and provenance, and harden pipeline integrity;
Lead vulnerability management workflows from scanner intake and prioritization through remediation tracking and metrics with partner teams;
Contribute to secure design reviews, threat modelling, incident response, and post-incident improvements;
Mentor other engineers, define our technical security culture, and help build a security team presence across our product range;

At least two years of professional experience across DevOps, cloud, or application security, with hands-on ownership of CI/CD and security automation;
Proficiency with at least one CI platform (e.g., GitHub Actions, GitLab CI), artifact registries;
Practical experience integrating and tuning SAST/DAST/SCA/secrets/IaC scanning and interpreting results to drive fixes;
Container and Kubernetes security fundamentals (image hardening, scanning, RBAC, policies, basic runtime detection);
AWS Cloud security experience: implementing access controls, logging/monitoring, and other security controls;
Scripting for automation (Python/Bash) and infrastructure-as-code (Terraform/Terragrunt);
Hands-on experience with Linux, Linux/Unix administration;
Experience working with Agile Development Practices;
Ability to build and maintain relationships and influence key stakeholders across the business;
Sense of ownership with strong problem-solving and investigation skills.

Physical well-being: Boost your health with free-of-charge 24/7 gym access, onsite and online workouts, and consultations led by in-house Physical Well-Being experts.
Mental & emotional health: Nurture your mind with free psychologist consultations, dedicated mental health events, and premium access to top-rated wellness apps like Calm, Headspace, and Mindletic.
Premium healthcare: Receive private health insurance giving you peace of mind for your health needs.
Extra days off: Enjoy additional vacation days off as you grow with us. Plus, get extra days for sick leave, special occasions, or parenting needs.
Joyful moments – special treats: Celebrate life’s big moments with special gifts from us on your birthday, anniversary, and other major events, such as weddings or the arrival of a new family member.
Company events & team-building: Experience iconic Nord Security celebrations, team-buildings, and knowledge-sharing events, nurturing bonds that fuel our success.
Workation: Embark on a legendary company getaway abroad, filled with exciting activities, live concerts, engaging workshops, and epic time together.