Your Career As a DevSecOps Engineer, you will design, build, and continuously improve secure cloud and platform solutions following modern DevSecOps principles. You will act as a key interface between development, operations, and security, ensuring that security is embedded throughout the entire software delivery lifecycle. Your responsibilities Design and develop modern, secure cloud and platform solutions in agile DevSecOps environments Build automations and implement custom security tooling for CI/CD pipelines Create reusable CI/CD security components and templates (GitHub, Azure DevOps, GitLab) Integrate and maintain SAST and DAST solutions within CI/CD pipelines Advise clients on the effective use of cloud security services, balancing effort, cost, maintenance, risk, and compliance Identify common attack vectors and proactively mitigate security risks across applications and infrastructure Act as a security advocate within engineering teams and support secure-by-design approaches Your profile Successfully completed degree in (Business) Computer Science or a comparable qualification At least 5 years of professional experience in DevSecOps, Application Security, and Cloud/Infrastructure environments Strong understanding of cloud architectures, software development processes, and security best practices Hands-on experience integrating SAST and DAST into CI/CD pipelines, including building reusable security templates Solid knowledge of common attack vectors, especially OWASP Top 10 vulnerabilities Programming experience for automation and custom tooling, ideally in Rust (alternatively Go, Python, C#, Java, or TypeScript) Basic experience with GitHub, Azure DevOps, and/or GitLab Structured, reliable working style with strong communication and collaboration skills Fluent English & Portuguese NICE TO HAVE: Knowledge of Kubernetes and serverless security Experience with Policy-as-Code (OPA/Rego, Kyverno) and Infrastructure as Code (Terraform, Bicep) Experience with monitoring, SIEM, and cloud security services (e.g. Azure Monitor, Microsoft Sentinel, Dynatrace, Datadog) Why us? Comprehensive onboarding and individual mentoring Remote work option Work-life balance and flexible working hours Personal and professional development opportunities Modern workplace and pleasant working atmosphere with close collaboration Exciting and challenging customer projects as well as diverse tasks Appreciative work environment with a positive error culture Free choice of hardware between Mac and Windows About us We are a dynamic IT company specializing in consulting and implementation services for our clients. Our current focus lies in cloud implementation and management, covering areas such as cloud architecture and infrastructure, cloud migration, IT managed services, and software development. Many renowned companies already rely on our expertise and trust in the quality of our work. Our story began in 2014 with the founding of XIBIX Solutions GmbH, an IT startup based in Unterschleißheim, just north of Munich. Since then, we’ve experienced strong growth — and we’re far from done! With ambitious plans ahead, we’re looking for motivated talents across all areas to join the XIBIX IT Group at our locations in Hamburg, Munich, Constance, Landshut, and Porto or remotely. At XIBIX, we bring together doers, creatives, and experts who inspire our clients with innovative solutions and a genuine curiosity to explore new ideas. Driven by our passion for cloud technologies, we empower national and international companies to become fit for the digital future.