** Role**

**CI/CD Engineering -- Security \& Compliance (DevSecOps / Platform Engineering)**

We are supporting a major energy-sector digital platform initiative focused on enabling engineering and operations teams through a secure, cloud-native internal developer platform.

We are currently looking for a Senior DevSecOps / Platform Engineer to help design, implement, and operate secure CI/CD and Kubernetes-based platform services, ensuring compliance, scalability, automation, and operational resilience across the organization's engineering ecosystem.

** About the Role**

In this position, you will play a key role in the Platform Engineering and DevSecOps domain, working closely with Engineering, Operations, and Product teams to deliver secure and scalable CI/CD solutions.

You will contribute to the design and operation of cloud-native infrastructure, security tooling, GitOps workflows, observability platforms, and vulnerability management processes, while supporting software supply chain security and compliance initiatives.

The role combines hands-on technical implementation with platform reliability, automation, governance, and developer enablement responsibilities.

** Responsibilities**

• Design, implement, and maintain secure DevOps and CI/CD solutions ensuring integrity, confidentiality, and availability of systems and data

• Develop and configure CI/CD pipelines with integrated security scanning and compliance validation

• Implement secure configurations, access controls, encryption mechanisms, and security best practices across repositories, systems, and deployment pipelines

• Automate infrastructure provisioning and management using Infrastructure-as-Code tools such as Terraform, OpenTofu, and Ansible

• Design and operate Kubernetes-based platforms and containerized environments with a strong focus on security, scalability, and operational reliability

• Implement and maintain GitOps workflows using tools such as ArgoCD and FluxCD

• Operate and optimize GitLab environments, including CI workloads, governance, access control, and high-availability architectures

• Integrate and expose security tooling to development teams through self-service workflows and CI/CD integration

• Support vulnerability management and security hardening activities, including patching, dependency management, remediation tracking, and secure baseline enforcement

• Implement and maintain software supply chain security practices including SBOM generation, dependency tracking, artifact signing, provenance, and compliance validation

• Integrate security tooling such as Trivy, Dependency-Track, and DefectDojo into development and deployment workflows

• Build and maintain observability platforms using Prometheus, Grafana, Loki, OpenTelemetry, and related tooling

• Monitor platform reliability, availability, logs, metrics, traces, and incident response activities

• Conduct risk assessments, threat modelling, audits, and compliance reviews

• Collaborate with development, operations, and security stakeholders to support platform evolution and operational excellence

• Produce and maintain technical documentation, architecture diagrams, operational procedures, FAQs, and knowledge base content

• Support disaster recovery planning, backup strategies, and operational continuity initiatives

• Contribute to the continuous improvement of developer experience and platform self-service capabilities

** Mandatory Requirements**

** Education**

• Bachelor's or Master's degree in Computer Science, Engineering, Information Systems, or equivalent experience

** Professional Experience \& Expertise**

• Strong experience designing and implementing DevSecOps and CI/CD solutions in enterprise environments

• Proven experience embedding security controls into CI/CD pipelines and platform layers

• Strong hands-on experience operating large-scale Kubernetes environments

• Deep understanding of Kubernetes internals including networking, RBAC, admission controllers, storage, scheduling, and API extensions

• Experience implementing container and runtime security in Kubernetes environments

• Strong experience with GitOps workflows using ArgoCD and/or FluxCD

• Strong hands-on experience with Infrastructure-as-Code using Terraform or OpenTofu

• Experience integrating security controls and compliance validation into CI/CD workflows

• Experience operating GitLab in large-scale enterprise environments

• Strong experience managing CI/CD workloads and platform reliability

• Experience with software supply chain security concepts including SBOMs, artifact signing, dependency tracking, attestations, and provenance

• Hands-on experience with security tooling such as Trivy, Dependency-Track, DefectDojo, or similar solutions

• Experience supporting vulnerability management, remediation, and security hardening initiatives

• Strong understanding of cloud and network security principles including segmentation, firewalls, VPNs, and secure communication

• Strong knowledge of encryption, PKI, certificates, and secure communication flows

• Experience working in compliance-driven or regulated environments

• Experience supporting audits and security policy reviews

• Strong collaboration and stakeholder management skills within cross-functional technical environments

**Technical Knowledge \& Skills**

• Kubernetes (GKE preferred)

• GitLab CI/CD

• ArgoCD / FluxCD

• Terraform / OpenTofu

• Docker \& container ecosystems

• Harbor registry

• Trivy, Dependency-Track, DefectDojo

• Prometheus, Grafana, Loki, OpenTelemetry

• GCP / GKE / IAM / Networking

• Infrastructure automation and platform engineering

• Observability and monitoring platforms

• Security hardening and vulnerability management

• CI/CD pipeline automation

• Documentation and technical governance

• PostgreSQL, Jira, TestRail

** Nice to Have**

• Experience operating platforms in regulated or critical infrastructure environments

• Experience with policy-as-code frameworks such as Kyverno

• Experience with secrets management solutions such as HashiCorp Vault

• Familiarity with progressive delivery approaches such as Argo Rollouts

• Experience with multi-cloud or hybrid cloud environments

• Familiarity with Software Composition Analysis (SCA) tools and practices

• Experience with SAST solutions and secure development lifecycle practices

• Experience balancing cloud scalability, operational efficiency, and security requirements

** Languages**

• Fluent English (mandatory -- B2 minimum)

• German is a plus

** Location**

• Brussels

** Work Model**

• Hybrid - Full-time