We love cars and everything related to them, and we work in e-commerce. In 2008, our team started the business with several dozen parts positions, and today we sell about 3.7 million products for 166 car brands. We are real friends with clients from 27 EU and EEA countries. As of 2020, our customer base has reached 5.3 million active B2C and B2B clients. We are dedicated to working, and so we expect our revenue to exceed €1.0 billion.
Responsibilities
Creation, deployment, support, and optimization of the source code of streaming and new versions of applications in a GCP hosting environment.
Design, development, and execution of DevSecOps CI/CD pipelines. Integration of security into DevOps processes, establishing a DevSecOps culture.
Implementation of security measures in every phase of the software development lifecycle.
Design and development of automation tools and processes with a focus on security and compliance.
Debugging monitoring systems and identifying security vulnerabilities.
Writing user and technical documentation.
Collaborating with security and development teams to create a cohesive and secure infrastructure.
Conducting regular security audits and remediation.
Ensuring interservice communication over HTTPS/TLS protocols, implementing access to the internal perimeter using OpenVPN.
Requirements
Experience as a DevOps Engineer with a focus on security, 3+ years. Experience with cloud providers is required, GCP will be a huge plus. Ability to work with High Available and High Load systems.
Good knowledge of container tools and orchestration technologies (Kubernetes).
Experience in DevSecOps CI/CD design and development.
Hands-on experience with Docker containers.
Experience in horizontal scaling of applications and databases. Database experience (at least 2 from the list: MySQL, Elastik, clickhouse, Mongodb, Postgres).
Proficiency in programming languages (at least 1 from the list: Go, Python, Bash).
Experience in using SAST and DAST tools, and knowledge of other security tools and methodologies.
Familiarity with frameworks Selenium, JMeter.
Experience in setting up overhead security tools: CyberArc, WAF, SiEM, etc.
Experience with IDS/IRS systems, file integrity monitoring, WAF, and other methods for detecting and preventing security attacks.
Strong knowledge of ISMS and writing/updating its elements. Certifications in security (like CISSP, CISM, CEH, etc.) would be a plus.
Will be a plus
Experience with GCP, and knowledge of cloud infrastructure. Experience in migrating applications to Kubernetes.
Deep understanding of Linux-like OS processes.
Experience in implementing security controls in containerized environments.
Boundless desire to automate any processes with an emphasis on improving security.
What do we offer?
For your professional growth:
Only innovative projects and advanced technologies
Complete freedom for bright ideas and bold decisions
Work in the international team of professionals willing to share their experience
Ability to switch to another project that is interesting for you
Professional growth: free external and internal professional training courses and certifications
Paid business trips and payment for participation in conferences
Paid corporate language classes (English, German, Polish)
For your convenience:
Work on your terms — you can work remotely and choose a flexible schedule
28 paid vacation days, 1 day off, national holidays, and unlimited sick leave
Friendly team buildings, cool corporate events with
Corporate wellness activities with colleagues
Corporate gifts on the first working day, birthday, anniversary of work, birth of a child
Join us today and let’s create a success story together!