Role Overview You will serve as the bridge between development operations and security building deploying and maintaining infrastructure & pipelines that comply with NATO / BQA security standards. You will lead security automation enforce compliance and partner with architects and engineers to embed security deeply in all systems.
Key Responsibilities Design, implement and maintain secure CI / CD pipelines and infrastructure
Integrate security controls scans and audits into build and deployment workflows
Automate compliance checks vulnerability scanning and remediation workflows
Develop IaC (Infrastructure as Code) templates and modules with secure defaults
Harden systems environments and services to meet strict security standards
Monitor, respond to and analyze security incidents in production
Conduct threat modeling, security reviews and risk assessments
Document security architecture processes and incident analyses
Interact with external auditors, compliance teams and stakeholders
Mandatory Requirements (any shortfall disqualification) Domain / Security Experience Minimum 5 years working in DevSecOps infrastructure security or cloud security in regulated defense or government environments. Prior exposure to NATO / defense / BQA / similar high-security domain.
Cloud & Infrastructure Expertise Proven hands-on experience with one or more major cloud platforms (AWS Azure GCP)
Deep knowledge of VPCs, networking, IAM security groups and zero-trust fundamentals
Experience with container orchestration (Kubernetes), serverless and microservices
Mastery of CI / CD tools (Jenkins GitLab CI GitHub Actions etc.)
Skilled in building secure pipelines with automation testing, rollback and artifact control
Infrastructure as Code (Terraform CloudFormation Ansible etc.)
Security Threat Modeling & Hardening Expertise in secure design patterns, encryption, identity & access management, key management
Experience with vulnerability scanning (SAST DAST) code scanning tools and security orchestration
Ability to perform threat modeling, risk assessments and penetration test integration
Incident Response & Monitoring Experience establishing and running security monitoring, SIEMs, log management, alerting
Incident response, forensics and root cause analysis
Process Rigor & Compliance Familiarity with compliance standards (e.g. ISO 27001, NIST, DoD etc.)
Ability to work under strict change control, audit and documentation regimes
Strong discipline in versioning, approvals, rollback procedures, backups
Soft Skills & Communication Excellent English (VERBAL & WRITTEN). Ability to explain complex security issues to non-technical stakeholders. High attention to detail, accountability, reliability.
Logistics & Eligibility Based in Europe able to engage under contract legally. Willing to undergo security/background checks as required by defense clients.
Preferred (Not Mandatory) Direct experience with NATO / BQA security projects
Certifications such as CISSP, CISM, AWS/Azure Security etc.
Hands‐on experience with real‐time systems classified environments
Experience with hardware embedded systems or network‐level security
What We Offer Competitive contract (remote European)
Long‐term stable engagement
Work at the forefront of secure systems infrastructure and defense
High standards professional environment opportunities for impact
Application Instructions Your CV / resume clearly highlighting DevSecOps security and defense / regulatory experience. Cover letter addressing how you meet each mandatory requirement. Details or links for past projects in secure / regulated infrastructure contexts. References or contacts able to speak to your performance in security / regulated roles.
Note: Applications that do not clearly and specifically demonstrate your fit across all mandatory fields will not be considered. Please only apply if you fully meet the bar.
Key Skills IVR, SOAP, Avaya, Solaris, Cost Accounting Standards, Database Design, Hibernate, ITIL, Weblogic, Express.js, Contracts, ASP
#J-18808-Ljbffr