Verita HR is an international company providing recruitment support within #Fintech, #Finance and #Banking market in EMEA. We connect the most innovative organizations with the best people in the market. We conduct systematic market research, which allows our Digital Teams to be a step ahead of the competition.

Do you want to work for one of the world’s largest global banks? Want to be part its exciting digital transformation? Do you want to engineer incredible products for millions of customers?

Well, our Client offers just that ☺︎ It's a leader in digital transformation of banking services and Cracow is one of the most important technological centers - majority of projects are delivered from Poland ☺︎

Overview:

Own and evolve our Jenkins Shared Library powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply-chain integrity across teams.

What you will do:

• Design and maintain Groovy pipeline steps (build, test, package, scan, deploy)
• Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container)
• Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch)
• Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling)
• Refactor legacy scripts (remove global state, consolidate hashing, standardize templates)
• Document ci-config.yaml standards and usage patterns
• Mentor engineers on secure pipeline development and supply-chain practices
• Troubleshoot and prevent pipeline incidents

Skills:

• 7+ years engineering; 3+ in CI/CD platform or DevSecOps
• Strong Jenkins + Groovy shared library expertise
• Advanced Python automation (JSON/YAML processing, tooling scripts)
• Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata
• Supply-chain security (SLSA, CycloneDX SBOM, digests)
• Experience with SonarQube, Sonatype IQ, container and SAST scanning
• Proven performance tuning (caching, parallelization, dependency pruning)
• Compliance Awareness

Nice to have:

• Artifact signing / attestations (cosign, OCI)
• GitOps or release automation experience
• GCP/AWS cloud experience

What's in it for you?

• Prestigious position at one of the world's largest banks
• Stable, long-term projects
• Competitive salary with a B2B contract
• Hybrid work (6 days per month from the office in Cracow) and flexible working hours
• Private healthcare and multisport card
• Personal growth and development opportunities with the possibility to rotate between projects
• Referral program and company events
• Convenient parking

Recruitment process: two on-linemeetings with hiring managers, followed by an initial phone screening with our recruiter

Hybrid work: 6 days per month from the office in Cracow