Senior DevSecOps Engineer (CI/CD Pipelines)

Job Description

Our client is seeking an experienced and proactive Senior DevSecOps Engineer to join the Cyber Security Expert Team within the Digital Services domain. This role is based in Lindholmen, Gothenburg, and requires a highly communicative and self-motivated professional who can support security initiatives across development, cloud, and platform environments.

The Cyber Security Expert Team operates as a centralized capability that supports engineering teams throughout the organization by delivering security guidance, governance, and operational expertise. The team promotes a decentralized security approach, enabling teams to take ownership of security practices while receiving strong support from dedicated security specialists.

The selected consultant will play a key role in strengthening secure development processes, improving security automation, and supporting engineering teams with practical and scalable security measures.

Key Responsibilities

Operational Security Support

• Deliver hands-on assistance to development and platform teams regarding security-related incidents, findings, assessments, and day-to-day security concerns.
• Support teams in identifying and mitigating security risks across applications and infrastructure environments.

Shift-Left Security & CI/CD Enablement

• Assist engineering teams in integrating security controls and automated scanning mechanisms early within the software development lifecycle.
• Enhance CI/CD pipelines by embedding security policies, validation checks, and vulnerability scanning processes.

Cloud, Platform & Application Security

• Contribute to the secure architecture and implementation of cloud platforms, applications, and containerized solutions.
• Ensure environments align with established security standards, best practices, and benchmark recommendations.

Supply Chain & Dependency Security

• Support vulnerability remediation activities and manage third-party dependency security practices.
• Assist with software supply chain security initiatives and governance processes.

DevSecOps Collaboration & Coaching

• Work closely with development and platform teams to improve security awareness and encourage secure engineering practices.
• Promote practical security approaches that maintain both delivery efficiency and operational reliability.

Cyber Security Team Contribution

• Share expertise, contribute to continuous improvements, and support the evolution of internal security standards, frameworks, and working methods.

Required Experience

• Strong experience in DevSecOps, security engineering, application security, cloud security, or infrastructure security roles.
• Proven experience working with CI/CD pipelines and modern software engineering practices.
• Hands-on expertise in vulnerability management and secure development methodologies.
• Experience supporting security initiatives within development or platform engineering teams.

Education

Bachelor’s degree in Information Technology, Computer Science, Cyber Security, or a related technical discipline is preferred.

Required Skills

• DevSecOps
• CI/CD Pipelines
• Cloud Security
• Infrastructure as Code (IaC)
• Terraform
• Platform Security
• Vulnerability Management
• Secure Development Practices
• Security Automation
• Risk Assessment

Preferred Technical Knowledge

• Experience with major cloud platforms and core cloud services including compute, identity, networking, logging, and monitoring.
• Familiarity with Infrastructure as Code tools such as Terraform, CloudFormation, or similar technologies.
• Knowledge of container orchestration platforms and security scanning tools.
• Understanding of software supply chain security and dependency governance.
• Awareness of security and compliance frameworks.
• Experience supporting large-scale cloud, platform, or security transformation initiatives.

Personal Attributes

• Strong analytical and problem-solving abilities.
• Self-driven and capable of working independently in a structured manner.
• Excellent collaboration and coaching skills.
• Effective communication skills with both technical and non-technical stakeholders.
• Ability to influence teams and drive security-focused improvements across the organization.

Language Requirement

• English – Professional proficiency required

Application Method: Interested candidates can apply by sending their profile to hr@semiconservicenordic.com