DevSecOps Engineer (BQA / NATO) Long-Term Contract, Remote (Europe)
Role Overview
You will serve as the bridge between development, operations, and security, building, deploying, and maintaining infrastructure & pipelines that comply with NATO / BQA security standards. You will lead security automation, enforce compliance, and partner with architects and engineers to embed security deeply in all systems.
Key Responsibilities -
Design, implement, and maintain secure CI/CD pipelines and infrastructure
-
Integrate security controls, scans, and audits into build and deployment workflows
-
Automate compliance checks, vulnerability scanning, and remediation workflows
-
Develop Ia
C (Infrastructure as Code) templates and modules with secure defaults
-
Harden systems, environments, and services to meet strict security standards
-
Monitor, respond to, and analyze security incidents in production
-
Conduct threat modeling, security reviews, and risk assessments
-
Document security architecture, processes, and incident analyses
-
Interact with external auditors, compliance teams, and stakeholders
Mandatory Requirements (any shortfall = disqualification) -
Domain / Security Experience
-
Minimum 5+ years working in Dev
Sec
Ops, infrastructure security, or cloud security in regulated, defense, or government environments
-
Prior exposure to NATO / defense / BQA / similar
- security domain
-
Cloud & Infrastructure Expertise
-
Proven
- on experience with one or more major cloud platforms (AWS, Azure, GCP)
-
Deep knowledge of VPCs, networking, IAM, security groups, and
- trust fundamentals
-
Experience with container orchestration (Kubernetes), serverless, and microservices
-
CI/CD, Automation & Tooling
-
Mastery of CI/CD tools (Jenkins, Git
Lab CI, Git
Hub Actions, etc. )
-
Skilled in building secure pipelines with automation, testing, rollback, and artifact control
-
Infrastructure as Code (Terraform, Cloud
Formation, Ansible, etc. )
-
Security, Threat Modeling & Hardening
-
Expertise in secure design patterns, encryption, identity & access management, key management
-
Experience with vulnerability scanning (SAST, DAST), code scanning tools, security orchestration
-
Ability to perform threat modeling, risk assessments, and penetration test integration
-
Incident Response & Monitoring
-
Experience establishing and running security monitoring, SIEMs, log management, alerting
-
Incident response, forensics, root cause analysis
-
Process Rigor & Compliance
-
Familiarity with compliance standards (e. g. ISO 27001, NIST, Do
D, etc. )
-
Ability to work under strict change control, audit, and documentation regimes
-
Strong discipline in versioning, approvals, rollback procedures, backups
-
Soft Skills & Communication
-
Excellent English (VERBAL + WRITTEN)
-
Ability to explain complex security issues to
- technical stakeholders
-
High attention to detail, accountability, reliability
-
Logistics & Eligibility
-
Based in Europe, able to engage under contract legally
-
Willing to undergo security / background checks as required by defense clients
Preferred (Not Mandatory) -
Direct experience with NATO / BQA security projects
-
Certifications such as CISSP, CISM, AWS / Azure Security, etc.
-
Hands-on experience with
- time systems, classified environments
-
Experience with hardware, embedded systems, or
- level security
What We Offer -
Competitive contract (remote, European)
-
Long-term stable engagement
-
Work at the forefront of secure systems, infrastructure, and defense
-
High standards, professional environment, opportunities for impact
Application Instructions -
Your CV / resume, clearly highlighting Dev
Sec
Ops, security, and defense/regulatory experience
-
Cover letter addressing how you meet each mandatory requirement
-
Details or links for past projects in secure / regulated infrastructure contexts
-
References or contacts able to speak to your performance in security / regulated roles
Design, implement, and maintain secure CI/CD pipelines and infrastructure
Integrate security controls, scans, and audits into build and deployment workflows
Automate compliance checks, vulnerability scanning, and remediation workflows
Develop Ia
C (Infrastructure as Code) templates and modules with secure defaults
Harden systems, environments, and services to meet strict security standards
Monitor, respond to, and analyze security incidents in production
Conduct threat modeling, security reviews, and risk assessments
Document security architecture, processes, and incident analyses
Interact with external auditors, compliance teams, and stakeholders
-
Domain / Security Experience
-
Minimum 5+ years working in Dev
Sec
Ops, infrastructure security, or cloud security in regulated, defense, or government environments -
Prior exposure to NATO / defense / BQA / similar
- security domain
-
-
Cloud & Infrastructure Expertise
-
Proven
- on experience with one or more major cloud platforms (AWS, Azure, GCP) -
Deep knowledge of VPCs, networking, IAM, security groups, and
- trust fundamentals -
Experience with container orchestration (Kubernetes), serverless, and microservices
-
-
CI/CD, Automation & Tooling
-
Mastery of CI/CD tools (Jenkins, Git
Lab CI, Git
Hub Actions, etc. ) -
Skilled in building secure pipelines with automation, testing, rollback, and artifact control
-
Infrastructure as Code (Terraform, Cloud
Formation, Ansible, etc. )
-
-
Security, Threat Modeling & Hardening
-
Expertise in secure design patterns, encryption, identity & access management, key management
-
Experience with vulnerability scanning (SAST, DAST), code scanning tools, security orchestration
-
Ability to perform threat modeling, risk assessments, and penetration test integration
-
-
Incident Response & Monitoring
-
Experience establishing and running security monitoring, SIEMs, log management, alerting
-
Incident response, forensics, root cause analysis
-
-
Process Rigor & Compliance
-
Familiarity with compliance standards (e. g. ISO 27001, NIST, Do
D, etc. ) -
Ability to work under strict change control, audit, and documentation regimes
-
Strong discipline in versioning, approvals, rollback procedures, backups
-
-
Soft Skills & Communication
-
Excellent English (VERBAL + WRITTEN)
-
Ability to explain complex security issues to
- technical stakeholders -
High attention to detail, accountability, reliability
-
-
Logistics & Eligibility
-
Based in Europe, able to engage under contract legally
-
Willing to undergo security / background checks as required by defense clients
-
Preferred (Not Mandatory) -
Direct experience with NATO / BQA security projects
-
Certifications such as CISSP, CISM, AWS / Azure Security, etc.
-
Hands-on experience with
- time systems, classified environments
-
Experience with hardware, embedded systems, or
- level security
What We Offer -
Competitive contract (remote, European)
-
Long-term stable engagement
-
Work at the forefront of secure systems, infrastructure, and defense
-
High standards, professional environment, opportunities for impact
Application Instructions -
Your CV / resume, clearly highlighting Dev
Sec
Ops, security, and defense/regulatory experience
-
Cover letter addressing how you meet each mandatory requirement
-
Details or links for past projects in secure / regulated infrastructure contexts
-
References or contacts able to speak to your performance in security / regulated roles
Direct experience with NATO / BQA security projects
Certifications such as CISSP, CISM, AWS / Azure Security, etc.
Hands-on experience with
- time systems, classified environments
Experience with hardware, embedded systems, or
- level security
-
Competitive contract (remote, European)
-
Long-term stable engagement
-
Work at the forefront of secure systems, infrastructure, and defense
-
High standards, professional environment, opportunities for impact
Application Instructions -
Your CV / resume, clearly highlighting Dev
Sec
Ops, security, and defense/regulatory experience
-
Cover letter addressing how you meet each mandatory requirement
-
Details or links for past projects in secure / regulated infrastructure contexts
-
References or contacts able to speak to your performance in security / regulated roles
Your CV / resume, clearly highlighting Dev
Sec
Ops, security, and defense/regulatory experience
Cover letter addressing how you meet each mandatory requirement
Details or links for past projects in secure / regulated infrastructure contexts
References or contacts able to speak to your performance in security / regulated roles
Note: Applications that do not clearly and specifically demonstrate your fit across all mandatory fields will not be considered. Please only apply if you fully meet the bar.
- Informații detaliate despre oferta de muncă
Firma: Kats Recruitment Localiția: Cluj-Napoca
Cluj-Napoca, Cluj County, RomaniaAdăugat: 14. 10. 2025
Postul de muncă activ
Fii primul, care se va înregistra la oferta de muncă respectivă!