Senior DevSecOps Engineer

What you’ll do

• Design and oversee security architecture with a focus on DevSecOps principles (shift-left security).
• Integrate security controls into CI/CD pipelines and automate security testing (SAST, DAST, SCA, container scanning).
• Lead security assessments and audits, identify vulnerabilities and implement countermeasures.
• Conduct security code reviews and provide feedback to developers on best practices.
• Implement security monitoring tools to detect and respond to security incidents.
• Guide and mentor team members on security best practices, DevSecOps culture, and emerging threats.
• Build and maintain "security as code" approaches - policy as code, compliance as code.
• Own end-to-end resolution of security findings from client security teams - from analysis through infrastructure fixes to communication of remediation status.
• Collaborate with the SRE team on reliability improvements that enhance security posture.

What we look for and what are the skills you need to have

• 5+ years' experience securing production services and Kubernetes environments.
• Automation-first mindset, including using modern tools (including AI-assisted workflows) to streamline security operations.
• Experience integrating security into CI/CD pipelines and automating security checks.
• Expertise securing applications and infrastructure on GCP, AWS, or Azure (IAM, network security, encryption, logging).
• Strong Kubernetes security knowledge: RBAC, network policies, secrets management, vulnerability scanning, policy enforcement.
• Hands-on experience with infrastructure as code (Terraform) and securing IaC configurations.
• Experience with security monitoring, intrusion detection, and incident response.
• Ability to perform threat modeling and vulnerability assessments.
• Experience with zero trust architecture in cloud environments.
• Proficiency with UNIX systems and scripting (Python, Bash, Go).
• Experience with GitOps workflows using ArgoCD.
• Experience working with external security teams and managing security findings from discovery through resolution.
• (nice to have) Experience with policy as code tools (Open Policy Agent, Kyverno), chaos engineering for security, or service mesh security (Istio, Linkerd).
• (nice to have) Understanding of SOC 2 or ISO 27001 compliance frameworks.


We also require some essential soft skills:
• Strong documentation, analytical and problem-solving skills.
• Collaborative approach, promoting a "security is everyone's responsibility" mindset.
• Excellent communication skills - ability to explain security concepts to developers and external security teams.
• Self-organized with ability to manage multiple priorities.
• Proactive mindset with commitment to continuous learning.
• Resilience in handling stressful situations.
• Ability to balance security requirements with developer experience.

You can look forward to the following benefits

• Competitive compensation.
• Generous paid vacation time.  And we mean generous.
• Cool new offices in the heart of Holesovice in Prague. You need to be 3 times a week in the office.
• No set office hours and flexibility.

Keboola’s Core Values

• Care, love and respect
• No BS
• Get your stuff done and do a bit more
• Create and innovate
• Learn!
• One team