DevSecOps Engineer

HeyBlu · Bucharest, Romania
LinkedIn

Posted

Jul 07, 2026 (8d ago)

Seniority

Lead

Work Model

Not Specified

Type

Not Specified

Category

DevOps & SRE

Salary

Not specified

Skills

Agile AWS Azure CI/CD Docker GCP GitHub GitHub Actions GitLab GitLab CI Jenkins Kubernetes Linux Penetration Testing SRE Terraform Vault

Description

HeyBlu is a Romanian e-money licensed fintech company that aims to provide financial services to customers and merchants operating in the e-commerce space. Our vision is to increase the financial power of e-commerce buyers & sellers, making a positive impact in their everyday lives. We do this by extending the purchasing power of retail shoppers in easy and convenient ways, while also helping e-commerce merchants with the capital needed to grow their business. Being part of eMAG group, the largest e-commerce player in Romania, HeyBlu is focusing on building a financial offering for customers and merchants operating within the eMAG ecosystem by implementing an “embedded finance” approach. As part of the global Prosus group, we share the same purpose: “ Improving everyday life for billions of people through technology ”. In the HeyBlu team we are building an entrepreneurial, results-driven, agile, and collaborative culture based on the core values we share across the group: ownership, accountability, innovation, adaptability and customer focus. What you’ll have to do: Embed security practices across the entire software development lifecycle (SDLC) — from code review to production deployment; Integrate and maintain security tooling (SAST, DAST, SCA, secrets scanning) in CI/CD pipelines (GitLab CI); Design and enforce infrastructure security controls on cloud environments, with focus on NIS2 and DORA compliance; Manage vulnerability assessments, coordinate remediation with development teams, and track resolution SLAs; Own secrets management, access control policies, and identity governance across the platform; Build and maintain security monitoring, alerting and incident response playbooks (SIEM, log aggregation); Support and coordinate periodic security audits and penetration testing activities. How we’d like you to be: With hands-on experience as a Developer, DevOps, DevSecOps, SRE or Security Engineer; With practical experience with cloud infrastructure (AWS / Azure / GCP) and Linux systems administration; With experience with containers and orchestration (Docker, Kubernetes) and CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins or similar); With solid knowledge of Infrastructure as Code (Terraform, CloudFormation) and automation; With strong security fundamentals: IAM, encryption, network security, secrets management (Vault, AWS Secrets Manager, KMS); With experience with monitoring, logging and alerting solutions; knowledge of HA, Disaster Recovery and Business Continuity concepts; With analytical mindset, proactive attitude and a strong drive for automation and continuous improvement; With advanced English; strong communication and cross-team collaboration skills; comfortable working in an Agile environment.