The international IT сompany Andersen invites a DevSecOps Engineer to work on large-scale projects.  Andersen is a pre-IPO global software development company with over 18 years of experience delivering full-cycle IT services. We specialize in helping enterprises and fast-growing mid-sized businesses accelerate their digital transformation through modern, scalable, and secure software solutions.  Our company operates across a global network of 18 development centers and offices, strategically located in North America, Western and Central Europe, the Middle East, and the Asia-Pacific region. With a strong team of over 3,500 highly skilled professionals, we combine deep domain expertise and advanced technical capabilities to consistently deliver exceptional results for our clients.  Responsibilities:  Integrating security practices into CI/CD pipelines and development workflows.   Implementing automated security checks, vulnerability scanning, and compliance validation.   Managing secrets, credentials, and access policies.   Monitoring cloud and infrastructure security configurations, identifying risks, and implementing improvements.   Collaborating with development and security teams to ensure secure application delivery.   Supporting incident response activities and contributing to root cause analysis.   Developing automation scripts and tools to enhance security processes.   Maintaining documentation for security controls, processes, and best practices.   Must-haves:  Experience as a DevSecOps Engineer for 2,5+ years.   Strong understanding of CI/CD pipelines and experience integrating security tools (SAST, DAST, SCA, IaC scanning and compliancy control and others).   Hands-on experience with cloud platforms (AWS, Azure, or GCP). .   Knowledge of container security, Docker, and Kubernetes security best practices.   Familiarity with secrets management solutions (Hashicorp Vault, AWS Secrets Manager, etc.).   Scripting skills (Python, Bash, or similar) for automation.   Experience with monitoring and logging tools (ELK, Prometheus, Grafana).   Understanding of threat modeling, vulnerability management, and secure coding principles.   Level of English – from Upper-Intermediate and above.   Nice-to-haves:  Experience with Zero Trust, IAM, or security governance frameworks.   Knowledge of compliance standards (ISO 27001, SOC 2, GDPR).   Certifications such as AWS Security Specialty, CKS.   Reasons why this job would be interesting to you:  Experience in teamwork with leaders in FinTech, Healthcare, Retail, Telecom, and others. Andersen cooperates with such businesses as Samsung, Siemens, Johnson & Johnson, BNP Paribas, Ryanair, Mercedes, TUI, Verivox, Allianz, T-Systems, etc.;  The opportunity to change the project and/or develop expertise in an interesting business domain;  Job conditions – you can work both fully remotely and from the office or can choose a hybrid variant;  Guarantee of professional, financial, and career growth! The company has introduced systems of mentoring and adaptation for each new employee;  The opportunity to earn additional up to 1,000 USD per month by participating in the company's activities;  Access to the corporate training portal, where the entire knowledge base of the company is collected and which is constantly updated;  Bright corporate life (parties / pizza days / PlayStation / fruits / coffee / snacks / movies);  Certification compensation (AWS, PMP, etc);  Referral program;  English courses;  Private health insurance and compensation for sports activities.  Your personal data is protected in accordance with GDPR regulations. Learn more: https://andersenlab.com/privacy-policy/pl Join us!    https://people.andersenlab.com/