DevSecOps Engineer
Position Overview
We are looking for an experienced DevSecOps Engineer to join a European Institution in Brussels. This long-term engagement begins as soon as possible and follows a hybrid working model (3 days onsite + 2 days remote).
-
Location: Brussels, Belgium
-
Start date: ASAP
-
Work arrangement: 3 days onsite, 2 days remote
-
Duration: 1 year+ (long-term mission)
-
Language requirement: English
-
Rate: 655 EUR/day, all-inclusive (expenses included, company fee included, VAT excluded)
The job description is outlined below.
Role Summary
The DevSecOps Engineer will deliver operational, security, and quality assurance expertise across a diverse CI/CD ecosystem. This role is responsible for troubleshooting platform issues, integrating automated security and quality controls, and maintaining stable, compliant CI/CD operations. The engineer will support and enhance environments including Kubernetes, GitHub, SonarQube, Nexus, and Harbor, contributing to a secure, scalable, and fully automated software delivery framework.
Key Responsibilities
User Support & Issue Resolution
-
Serve as the primary point of contact for users of CI/CD tools and related platforms.
-
Diagnose and resolve issues across Jira, Confluence, GitHub, Harbor, Nexus, Keycloak, and SonarQube.
-
Deliver timely resolutions and maintain high user satisfaction through clear communication and effective troubleshooting.
Platform Configuration & Maintenance
-
Configure and maintain GitHub, Nexus, Keycloak, and SonarQube in alignment with organizational standards and security policies.
-
Manage and secure artifact and container registries (Nexus and Harbor).
-
Support deployments, manage upgrades, and ensure reliable platform performance and availability.
Pipeline Automation & Security Integration
-
Develop, optimize, and migrate CI/CD pipelines using GitHub Actions and related tooling.
-
Integrate automated security and quality gates, including SonarQube analysis, dependency scanning, and container scanning.
-
Embed DevSecOps practices to proactively detect, prevent, and remediate vulnerabilities across the software delivery chain.
Automation & Scripting
-
Create and maintain automation scripts to streamline platform operations, compliance checks, and CI/CD setup.
-
Utilize scripting languages such as Python and Bash to enhance operational efficiency.
Governance, Security & Compliance
-
Maintain and optimize Keycloak authentication and authorization configurations.
-
Apply security best practices, including secrets management, least-privilege access, and vulnerability scanning.
-
Ensure CI/CD workflows include automated checks for security, code quality, test coverage, and dependency risk.
Required Skills & Qualifications
-
Proven experience in DevOps or DevSecOps engineering with strong knowledge of CI/CD tools (GitHub Actions, Jenkins, Bamboo, Bitbucket, etc.).
-
Hands-on experience with containerization and orchestration technologies (Docker, Kubernetes).
-
Strong expertise in artifact and image management (Nexus, Harbor).
-
Familiarity with code quality and security tools such as SonarQube, OWASP Dependency-Check, or Trivy.
-
Proficiency in scripting (Python, Bash) and automation frameworks.
-
Strong understanding of IAM and SSO/OIDC systems, particularly Keycloak.
-
Ability to troubleshoot across the full CI/CD stack, from SCM to build, test, and deployment stages.
-
Experience with Infrastructure as Code (Terraform, Ansible) is a plus.
-
Knowledge of AWS (EC2, S3, IAM) is an advantage.
Preferred Qualifications
-
Experience implementing automated security and quality gates in CI/CD pipelines.
-
Background in platform operations, DevSecOps governance, or CI/CD migration projects.
-
Strong analytical, documentation, and problem-solving skills.
-
Excellent communication abilities and a collaborative working style.
Ideal Candidate Profile
This role is perfect for engineers passionate about secure automation, quality-driven delivery, and operational excellence within a modern DevSecOps environment. The successful candidate will thrive in a hybrid European institutional setting and contribute to the evolution of a robust, secure CI/CD platform.