DevSecOps Engineer

Senior DevSecOps / CI/CD Engineer Contract type: B2B / Contracting Work model: Hybrid – 2 days per week on-site (Kraków) Industry: Banking / FinTech Rate: 200–220 PLN/h (B2B) Role Overview We are looking for a highly experienced Senior DevSecOps / CI/CD Engineer to join a platform engineering team supporting a major banking client. The role focuses on designing, building, and maintaining secure, efficient CI/CD pipelines and improving the organization’s software supply-chain security posture. You will work on pipeline optimization, Python tooling, artifact integrity, security scanning, and mentoring engineers on DevSecOps best practices. Key Responsibilities Design and maintain Groovy-based pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, digest/hash accuracy, and aggregated security scanning (SonarQube, Sonatype IQ, SAST/Container). Optimize pipeline performance (parallel builds, caching, reduced-scope BOMs, dependency prefetch). Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible builds, evidence modeling). Refactor legacy scripts: remove global state, unify hashing logic, standardize templates. Create and maintain documentation for ci-config.yaml standards and usage patterns. Mentor engineers on secure pipeline development and supply-chain security practices. Troubleshoot and prevent incidents in CI/CD pipelines. Required Skills & Qualifications 7+ years of engineering experience , including 3+ years in CI/CD platform development or DevSecOps . Strong expertise in Jenkins and Groovy Shared Libraries . Advanced proficiency in Python (automation, tooling scripts, JSON/YAML processing). Deep understanding of Maven / NPM / Python packaging ; exposure to Helm/Terraform and container image metadata. Strong background in supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, container scanning, and SAST tools . Proven performance tuning skills (caching, parallelization, dependency pruning). Awareness of compliance standards and enterprise governance. Nice-to-Have Experience with artifact signing / attestations (cosign, OCI). Familiarity with publishing Terraform modules and Helm charts . GitOps or release automation experience. Cloud experience (GCP or AWS). Soft Skills Clear and precise communication. Strong documentation discipline. Ownership mindset; able to operate independently with minimal supervision. Why apply for an Antal job offer? When your application is successful, you will be supported by a dedicated Consultant who will stay in regular contact with you (via email or phone), help you prepare for interviews with your future employer, and ensure a smooth and professional recruitment process. About Antal Antal is a leading recruitment and HR advisory company, present in Poland since 1996 and later expanded to the Czech Republic and Hungary. Across the CEE region, we employ around 150 professionals who deliver a full range of services – from specialist and executive recruitment, employee outsourcing and HR consulting, to employer branding and market research. Our division-based structure combines deep industry expertise with functional specialisation, enabling us to provide tailored solutions for companies in every sector. We act as a trusted partner for both employers and candidates, sharing our knowledge and guiding them through every stage of the talent journey. We connect exceptional people with the right opportunities and help organisations build successful teams. Discover our latest job openings:  Follow us on LinkedIn: