Senior DevSecOps Engineer

About Starburst Starburst is the data platform for analytics, applications, and AI, unifying data across clouds and on-premises to accelerate AI innovation. Organizations—from startups to Fortune 500 enterprises in 60+ countries—rely on Starburst for fast data access, seamless collaboration, and enterprise‑grade governance on an open hybrid data lakehouse. Wherever data lives, Starburst unlocks its full potential, powering data and AI from development to deployment. By future‑proofing data architecture, Starburst helps businesses fuel innovation with AI. About the Role As a Senior DevSecOps Engineer, you will be a key player in integrating security practices throughout the software development lifecycle. You will lead initiatives to design, implement, and automate security controls, ensuring the secure development and deployment of applications. This role requires a strong understanding of security principles, DevOps methodologies, and cloud environments, with a focus on continuous improvement and risk mitigation. You will collaborate closely with development, operations, and security teams, and mentor junior engineers to foster a culture of security. Responsibilities Integrate security into the CI/CD pipeline, automating security controls and embedding security throughout the development lifecycle. Support, and maintain Application Security Testing (AST) tools (SAST, DAST, IAST, SCA) to identify code and dependency vulnerabilities. Conduct security assessments, vulnerability analysis, and penetration testing to identify and mitigate security risks. Develop and maintain secure infrastructure as code (IaC) scripts using tools like Pulumi, Terraform, or CloudFormation. Implement and manage security tools and technologies such as SIEMs, IDS/IPS, firewalls, and endpoint protection. Monitor and respond to security incidents, performing root cause analysis and implementing corrective measures. Educate and train development and operations teams on secure coding practices and security tooling. Stay up to date with the latest security threats, trends, and technologies, and proactively address potential risks. Create and maintain documentation related to security policies, procedures, and standards. Participate in security audits and compliance initiatives to ensure adherence to industry regulations and standards. Provide thorough unit testing and automated testing to ensure a quality product is delivered. Improve, enhance, and support existing operations. Design, build, install, configure, and support production deployments. Manage the work of teams implementing DevOps solutions in complex projects. Minimum Qualifications Bachelor's degree in Engineering, Computer Science, Management Information Systems, or a related study, or equivalent experience. Minimum of 5+ years of professional experience in DevOps, security engineering, or a related field. Strong understanding of security principles and best practices, including threat modeling, risk assessment, and vulnerability management. Proficiency with DevOps tools and practices, including CI/CD pipelines, containerization (Docker, Kubernetes), and version control systems (Git). Solid understanding of cloud security concepts and experience with cloud platforms (AWS, Azure, Google Cloud). Strong scripting and automation skills using languages such as Python, Bash, or PowerShell. Experience with security tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, or similar. Experience in development with shell scripting such as Python, GoLang, etc. Expertise in the Linux operating system. Must be able to demonstrate innovation in problem‑solving. Clear communication with team members and product owners. Ability to effectively communicate technical findings to both technical and non‑technical stakeholders. Must follow and support agile methodologies and practices by actively participating in all SCRUM ceremonies. Must adhere to and develop best practices in software engineering. Preferred Qualifications Experience integrating Cloud Security Posture Management (CSPM) tooling with application security pipelines. Experience with Kubernetes security and best practices. Experience collaborating with vulnerability and risk management partners to interface with risk management and acceptance processes. Experience developing and/or deploying training for software engineers around DevSecOps tooling, secure development standards, and application security fundamentals. Ability to Travel : This role will require occasional in-person travel for purposes including but not limited to new hire onboarding, team and department offsites, customer engagements, and other company events. Actual travel expectations may vary by role and business needs. Where could this role be based? This role is based in our Warsaw office and follows a hybrid model, with an expectation of being onsite 1-2 days per week. Build your career at Starburst All‑Stars have the opportunity and freedom to realize their true potential. By building alongside top talent, we’re empowered to take ownership of our careers and drive meaningful change. Anchored in industry‑proven technology and unprecedented success, All‑Stars are taking on the challenge everyday to disrupt our industry – and the future. Our global workforce is supported by a competitive Total Rewards program that reflects our commitment to a rewarding and supportive work environment. This includes a variety of benefits like competitive pay, attractive stock grants, flexible paid time off, and more. We are committed to fostering an intentional, inclusive, and diverse culture that drives deep engagement, authentic belonging, and an exceptional All‑Star experience. We believe that diversity of thought, perspective, background and experience will enable us to own what we do, drive our success and empower our All‑Stars to show up authentically. Starburst provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. #J-18808-Ljbffr