Role Overview
You will serve as the bridge between development, operations, and security, building, deploying, and maintaining infrastructure & pipelines that comply with NATO / BQA security standards. You will lead security automation, enforce compliance, and partner with architects and engineers to embed security deeply in all systems.
Key Responsibilities
* Design, implement, and maintain secure CI/CD pipelines and infrastructure
* Integrate security controls, scans, and audits into build and deployment workflows
* Automate compliance checks, vulnerability scanning, and remediation workflows
* Develop IaC (Infrastructure as Code) templates and modules with secure defaults
* Harden systems, environments, and services to meet strict security standards
* Monitor, respond to, and analyze security incidents in production
* Conduct threat modeling, security reviews, and risk assessments
* Document security architecture, processes, and incident analyses
* Interact with external auditors, compliance teams, and stakeholders
Mandatory Requirements (any shortfall = disqualification)
1. Domain / Security Experience
   * Minimum 5+ years working in DevSecOps, infrastructure security, or cloud security in regulated, defense, or government environments
   * Prior exposure to NATO / defense / BQA / similar high-security domain
2. Cloud & Infrastructure Expertise
   * Proven hands-on experience with one or more major cloud platforms (AWS, Azure, GCP)
   * Deep knowledge of VPCs, networking, IAM, security groups, and zero-trust fundamentals
   * Experience with container orchestration (Kubernetes), serverless, and microservices
3. CI/CD, Automation & Tooling
   * Mastery of CI/CD tools (Jenkins, GitLab CI, GitHub Actions, etc.)
   * Skilled in building secure pipelines with automation, testing, rollback, and artifact control
   * Infrastructure as Code (Terraform, CloudFormation, Ansible, etc.)
4. Security, Threat Modeling & Hardening
   * Expertise in secure design patterns, encryption, identity & access management, key management
   * Experience with vulnerability scanning (SAST, DAST), code scanning tools, security orchestration
   * Ability to perform threat modeling, risk assessments, and penetration test integration
5. Incident Response & Monitoring
   * Experience establishing and running security monitoring, SIEMs, log management, alerting
   * Incident response, forensics, root cause analysis
6. Process Rigor & Compliance
   * Familiarity with compliance standards (e.g. ISO 27001, NIST, DoD, etc.)
   * Ability to work under strict change control, audit, and documentation regimes
   * Strong discipline in versioning, approvals, rollback procedures, backups
7. Soft Skills & Communication
   * Excellent English (VERBAL + WRITTEN)
   * Ability to explain complex security issues to non-technical stakeholders
   * High attention to detail, accountability, reliability
8. Logistics & Eligibility
   * Based in Europe, able to engage under contract legally
   * Willing to undergo security / background checks as required by defense clients
Preferred (Not Mandatory)
* Direct experience with NATO / BQA security projects
* Certifications such as CISSP, CISM, AWS / Azure Security, etc.
* Hands-on experience with real-time systems, classified environments
* Experience with hardware, embedded systems, or network-level security
What We Offer
* Competitive contract (remote, European)
* Long-term stable engagement
* Work at the forefront of secure systems, infrastructure, and defense
* High standards, professional environment, opportunities for impact
Application Instructions
* Your CV / resume, clearly highlighting DevSecOps, security, and defense/regulatory experience
* Cover letter addressing how you meet each mandatory requirement
* Details or links for past projects in secure / regulated infrastructure contexts
* References or contacts able to speak to your performance in security / regulated roles
Note: Applications that do not clearly and specifically demonstrate your fit across all mandatory fields will not be considered. Please only apply if you fully meet the bar.