DevSecOps Security Consultant
Offer summary

(Summary generated by AI based on the full job description)

The project focuses on cybersecurity and DevSecOps within a financial institution, emphasizing CI/CD, runtime, artifact repositories, and developer tools. Responsibilities include developing a Cybersecurity Maturity Framework, security assessments, threat modeling, and defining and enforcing secure architecture patterns and policy-as-code. Tasks also cover vulnerability management integration, SBOM generation, code signing, and platform security enablement. Benefits include healthcare, Multisport card, insurance, and professional training opportunities.

New. You can start ASAP.

Company: Mindbox Sp. z o.o.

from: 1 July 2026
to: 31 July 2026
30 000 - 36 000 net (+ VAT) / mth., B2B contract (full-time)
Offer parameters
level: senior
working mode: hybrid
location: Kraków, Lesser Poland

Requirements

Optional technologies

AWS
Google Cloud Platform
Microsoft Azure
Kubernetes

Operating system

Windows

Our requirements

  • Proven experience in Cybersecurity within large, regulated organizations.
  • Deep understanding of CI/CD systems, build tools, artifact repositories, runtime environments, and developer tools.
  • Advanced knowledge of DevSecOps practices, including pipeline security and automation of security controls.
  • Experience in threat modeling, platform-level security assessments, and security gap remediation.
  • Familiarity with cryptography, vulnerability management, and application/network security.
  • Strong skills in stakeholder management and driving alignment across distributed technology teams.
  • Ability to articulate technical risk in business language.

Optional

  • Certifications such as CISSP, CISM, CCSP, CCSK.
  • Knowledge of Cloud Security (AWS, GCP, Azure) and container orchestration (Kubernetes).
  • Experience with supply chain security frameworks (SLSA, SBOM) and secure developer tooling.

Your responsibilities

Framework & Assessment:
  • Develop an Engineering-Platform Cybersecurity Maturity Framework for standardized assessments.
  • Conduct security assessments of CI/CD pipelines, runtime environments, build infrastructures, and developer tools against the framework.
  • Perform threat modeling, gap analysis, and identify systemic vulnerabilities impacting code integrity and workload security.

Engineering Platform Security Enablement:
  • Define and enforce secure architecture patterns, policy-as-code, and automated security controls.
  • Partner with platform owners to remediate critical gaps and implement scalable solutions for secure artifact integrity, access management, and configuration hardening.
  • Integrate vulnerability management, SBOM generation, provenance, and code-signing into DevOps workflows.

Strategic Roadmap:
  • Build security roadmaps balancing quick wins and long-term improvements.
  • Prioritize initiatives based on business risk and compliance requirements.

Governance & Stakeholder Management:
  • Serve as a trusted cybersecurity advisor to platform owners, engineering teams, and senior leadership.
  • Influence adoption of secure engineering practices across federated teams.

Continuous Improvement:
  • Track maturity metrics and drive measurable security improvements.
  • Evolve frameworks based on emerging threats, technology shifts, and regulatory changes.

Note: Detailed project information will be shared during the recruitment process.

    About the project

    Are you passionate about cybersecurity, engineering excellence, and DevSecOps practices? We are looking for an experienced DevSecOps Security Consultant to shape the security posture of engineering platforms at one of the world’s leading financial institutions. This is your opportunity to define scalable security frameworks, uplift maturity across CI/CD platforms, and enable secure digital delivery at enterprise scale.
    Sounds like your kind of challenge?

    This is how we organize our work

    This is how we work

    agile

    This is how we work on a project

    • Continuous Deployment
    • Continuous Integration
    • DevOps
    Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.
    Company

    What we offer

    • Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.).
    • Hybrid work setup – 6 days a month from the office in Kraków.
    • Collaborative team culture – work alongside experienced professionals eager to share knowledge.
    • Continuous development – access to training platforms and growth opportunities.
    • Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more.
    • High quality equipment – laptop and essential software provided.

    Benefits

    • sharing the costs of sports activities
    • private medical care
    • sharing the costs of professional training & courses
    • life insurance

    Mindbox Sp. z o.o.

    At Mindbox, we connect top IT talents with technology projects for leading enterprises across Europe.
    Our focus is on matching your skills with work that matters – projects that use modern tech stacks, solve real business challenges, and give you space to grow. By joining us, you’ll deliver technology solutions for well-known brands, supported by the Mindbox team that values knowledge-sharing and continuous development. We make sure you have the tools, flexibility, and guidance to do your best work – and to keep moving forward in your career.
    DevSecOps Security Consultant
    30k–36k zł / mth. (B2B)