This is us

At Avenga, we believe that human creativity empowers technology that matters. Operating globally, our 6000+ specialists provide a full spectrum of services, including business and tech advisory, enterprise solutions, CX, UX and Ul design, managed services, product development, and software development.

This is the job

We are looking for a DevSecOps Engineer to lead security-by-design practices across GitLab CI/CD. You will help enforce application security, compliance, and delivery reliability through automation, vulnerability management, and secure SDLC standards. This role includes transitioning legacy security tools to GitLab-native capabilities and working closely with InfoSec, Cloud Platform, and Product teams.

This is you

• Proven experience with GitLab Ultimate security features and CI/CD administration

• Hands-on with SAST, DAST, SCA, container scanning, and secret detection in automated pipelines

• Practical experience with SCA tools like BlackDuck, Nexus Lifecycle, Snyk

• Familiar with SonarQube for code quality

• Strong scripting/automation skills in Python, Bash, YAML

• Solid fundamentals in container and cloud security (Docker, Kubernetes, image scanning, registry hardening)

• Experience with threat modeling, risk assessment, and remediation planning

Nice-to-have skills:

• Relevant certifications: DevSecOps Professional, CKS, Security+, or equivalent

• IaC security tooling experience (Terraform + OPA, Conftest, Checkov)

• Knowledge of software supply chain security, including SBOM, Cosign, and SLSA

• Familiarity with DORA metrics and security KPI reporting

This is your role

• Drive secure-by-design guardrails across GitLab CI/CD

• Implement and maintain automated security scanning: SAST, DAST, SCA, container, and secret detection

• Enforce policy-as-code (branch protection, MR approvals, vulnerability gates, artifact signing)

• Manage vulnerability lifecycle: periodic assessments, triage, remediation planning, and tracking to closure

• Collaborate with engineering and product stakeholders to prioritize security fixes

• Align controls with CIS, NIST, and (if applicable) GDPR

• Enable audit-ready reporting, SBOM generation, and security KPIs in observability dashboards

• Implement secure IaC using Terraform/Ansible and apply least-privilege and zero-trust patterns

• Harden CI/CD infrastructure: build runners, container images, registries, and deployment targets

• Champion shift-left security via training, playbooks, and standardized toolchains

• Document security runbooks and contribute to SDLC harmonization standards

What awaits you at Avenga?

At Avenga, everyone matters. We provide equal opportunities in recruitment, career development, and leadership, regardless of race, ethnicity, gender identity, sexual orientation, disability, age, religion, or any other characteristic. We are committed to fostering a work environment where our diverse community of employees, candidates, and business partners actively shapes our growth. By bringing together people from different backgrounds and experiences, we build a workplace where everyone feels free to be themselves while honoring the boundaries of others.