- Collaborate with the Security Architect to drive the Security Architecture & Solutions for our core digital portfolio and future digital products
- Automate repetitive tasks and implement secure CI/CD pipelines, enhancing productivity and reducing errors
- Own the implementation and continuous improvement of security tooling across various areas including static/dynamic analysis, dependency scanning, and secrets detection
- Implement appropriate technical and organizational security controls to mitigate identified risks, with a focus on automating these measures wherever possible
- Promote and facilitate Security-By-Design principles across the development team, bridging the gap between operations and security
- Implement Infrastructure as Code (IaC) security measures, protecting integral aspects of our infrastructure and ensuring secure deployments
- Embed security within the DevOps lifecycle, including the design and execution of signed image verification systems to ensure the authenticity and integrity of images
- Conduct ongoing security training for the development team to ensure awareness and compliance
- Security-focused or Computer Science university degree (Bachelors) OR equivalent experience
- 5+ years' experience in DevOps, with significant exposure to security aspects
- Proficiency in one or more programming languages, predominantly used in DevOps like Python, Ruby, or Go
- Practical experience with CI/CD pipelines and tools such as Jenkins, and AWS CodePipeline
- Experience with container orchestration tools like Kubernetes and Docker, and cloud environments such as AWS, Azure, or Google Cloud
- Relevant certifications such as AWS/Azure Certified DevOps Engineer, or similar qualifications are considered an advantage
- Experience with medical security governance and IT general control frameworks such as DSOMM, HIPPA, ISO , NIST CSF, NIST -53, MDR (EU), etc., is a huge advantage
- Deep understanding of secure Infrastructure as Code (IaC) strategies and signed image verification practices
- Experience in using Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools for code analysis
- Security Knowledge: Solid understanding of network access, identity, access management, applied cryptography, network security methodologies, and secure software development methodologies
- Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
- Agile mindset, Continuous Quality and Process Improvement
- Deep expertise with more than one of the following area: API security DevSecOps practices Identity and Access Management Compliance & regulations for medical devices Cloud Security Architecture & Controls Security Architecture & Models in Healthcare Zero trust & Defense in depth principles Network security Infrastructure and application security assessment Vulnerability management Application Security IoT Security architecture CI/CD tooling (SAST, DAST, SCA, Secret Scanner. Secure Gates, Image Signed, etc) Threat Modeling and Secure-by-Design Security Operations
- Competitive compensation depending on experience and skills
- Knowledge-sharing across EPAM's global Tech Communities
- Unlimited access to LinkedIn learning solutions
- Relocation support as per EPAM relocation policies
- EPAM Community with regular corporate and social events
- Career growth, performance and compensation reviews
- EPAM Employee Stock Purchase Plan (ESPP) (subject to certain eligibility requirements)
- EPAM Switzerland was named a Top Company , & by Kununu for its people centric culture built on life-long learning
- EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential
- Please note that any offers will be subject to appropriate background checks
- We do not accept CVs from recruiting or staffing agencies
- For this position, we are able to consider applications from the following: Swiss nationals EU/EFTA nationals Third-country nationals based in Switzerland with an appropriate work permit Displaced people from Ukraine who are currently in Switzerland and hold, or have already applied for, S permits
-
Engineering and DevOps Lead
vor 3 Tagen
Bank For International Settlements Basel, Schweiz**Engineering and DevOps Lead**: · **Description** · The Bank for International Settlements (BIS) is hiring an Engineering & DevOps Lead to join our Banking IT team. · **Purpose of the job**: · The Banking IT team leads and maintains a software portfolio that supports treasury an ...
-
Cybersecurity Architect for Waf
vor 1 Tag
Helvetia Versicherungen Basel, SchweizCybersecurity Architect for WAF (f/m/d) part-time/full-time · Basle/Basel · With work experience · % · At Helvetia, &Go means "power on" at the first click. In our IT department, you can try lots of things out as part of an impassioned team - and yet still go your own way. We are ...
-
Web Application Firewall Security Architect
vor 4 Tagen
Helvetia Versicherungen Basel, SchweizWeb Application Firewall Security Architect (f/m/d) part-time/full-time · Basle/Basel · With work experience · % · At Helvetia, &Go means "power on" at the first click. In our IT department, you can try lots of things out as part of an impassioned team - and yet still go your own ...
-
Principal Data Scientist
vor 4 Tagen
Bank For International Settlements Basel, SchweizThe Bank for International Settlements (BIS) is hiring a Principal Data Scientist to join our Customer & Asset Management Applications team in the Banking department. · **Purpose of the job**: · Through a combination of business and technical expertise, to perform and enable adva ...
-
Software Developer
vor 2 Tagen
TEKsystems Basel, SchweizPlease apply if you are eligible for a Swiss work permit. · Our client in the Financial Services industry, is looking for a strong back-end software developer to design, implement and test .NET micro-services. A software Engineer with experience in containers and message queues i ...
-
Chapter Lead, Supply Chain Planning
vor 7 Stunden
DSM Münchenstein, SchweizChapter Lead, Supply Chain Planning · Location: Barcelona, Spain/ Maastricht, Netherlands · Hybrid · As our Chapter Lead, Supply Chain Planning, you will be responsible for leading and developing a group of professionals within a specific area of expertise, known as a "chapter ...
-
Senior DevOps Engineer
vor 6 Tagen
Datalynx AG Kaiseraugst, Schweiz Ganztags· For our client, a well-known pharmaceutical company in Basel, we are looking for a SAP Master Data Analyst (m/f/d). · Background · The pharma industry is shifting from chemistry to IT, it's critical to deliver digital solutions right now - even as we develop innovations for th ...
-
Full-Stack Software Engineer
vor 4 Tagen
Fachhochschule Nordwestschweiz Windisch, SchweizFull-Stack Software Engineer %) · Fachhochschule Nordwestschweiz FHNW, Services · Flexibilität, Gestaltungsfreiraum, Kreativität, Interdisziplinarität - so arbeiten wir Ihre Aufgaben: · Als Full-Stack Software Engineer*in arbeiten Sie zusammen mit Ihren Kolleginnen und Kollegen ...
-
Full-Stack Software Engineer
vor 1 Woche
Fachhochschule Nordwestschweiz Windisch AG, SchweizFull-Stack Software Engineer %) · Fachhochschule Nordwestschweiz FHNW, Services · Flexibilität, Gestaltungsfreiraum, Kreativität, Interdisziplinarität - so arbeiten wir · Ihre Aufgaben: · Als Full-Stack Software Engineer*in arbeiten Sie zusammen mit Ihren Kolleginnen und Kolle ...
-
Full-Stack Software Engineer
vor 4 Tagen
FHNW Windisch, SchweizIhre Aufgaben: · Als Full-Stack Software Engineer*in arbeiten Sie zusammen mit Ihren Kolleginnen und Kollegen vom Team Software Engineering der Corporate IT an innovativen digitalen Lösungen für unsere Studierenden und Mitarbeitenden. Das Software Engineering Team erarbeitet die ...
-
Full-Stack Software Engineer
vor 1 Woche
Fachhochschule Nordwestschweiz FHNW Windisch, Schweiz Ganztags· Full-Stack Software Engineer %) · University of Applied Sciences Northwestern Switzerland FHNW, Services · Flexibility, creative freedom, creativity, interdisciplinarity – that's how we work · Your tasks: · As a full-stack software engineer, you will work with your colleagues ...
DevSecOps Engineer - Basel, Schweiz - Epam
Beschreibung
Description
About the role
EPAM is looking for a dedicated DevSecOps Engineer to automate and optimize our development processes and ensure secure CI/CD pipelines. Working closely with our Security Architect, your main responsibility would be to reinforce our security posture across our development teams and digital portfolio.At EPAM, you will work with the most recent advancements in tech, ensuring that our innovative solutions stay at the cutting edge of technology trends while also being safe and reliable. Our DevSecOps team is composed of globally recognized experts who take pride in driving real impact in the tech security domain.
We value flexibility and offer a modern approach to work with a hybrid model. You can enjoy the privilege of working from home, backed by occasional visits to client sites or our office. This is an exceptional opportunity to lead and learn, while shaping the future of secure technology deployment.
Responsibilities
Requirements
We Offer
About EPAM
Additional
