DevSecOps Pipeline Engineer GitLab Secure
Job Description Roles & Responsibilities You will take ownership of secure CI/CD pipeline engineering across development, testing, staging, and production environments, implementing scalable and audit-ready DevSecOps controls using GitLab Secure, Jenkins, and a range of enterprise security tooling. This role goes beyond simply integrating scanners into pipelines. You will be responsible for building trusted, developer-friendly security workflows that reduce noise, improve remediation quality, and ensure critical vulnerabilities never reach production unmanaged. Key Responsibilities CI/CD Engineering & Pipeline Ownership: Design, implement, and maintain secure CI/CD pipelines and reusable templates across GitLab (Enterprise & Community editions) and Jenkins Define and enforce security gates, policy-as-code controls, and severity thresholds across environments Integrate security tooling including Fortify, Trivy, OWASP ZAP, Tenable, dependency scanning, container scanning, and IaC security checks Ensure all pipeline outputs are actionable, developer-friendly, and operationally effective Continuously optimise pipeline performance and reduce friction introduced by security controls DevSecOps Integration: Embed DevSecOps practices throughout the SDLC using a shift-left approach Assess existing development pipelines and integrate security controls without disrupting engineering workflows Improve overall pipeline maturity, consistency, and governance across environments Developer Enablement & Collaboration: Partner directly with development teams to support vulnerability remediation and improve secure coding practices Conduct workshops, knowledge-sharing sessions, and developer enablement activities Act as first-line support for developers on pipeline security issues and CI/CD security tooling Vulnerability & Exception Governance: Review and validate SAST, SCA, container, and infrastructure security findings Work closely with Source Code Reviewers to reduce false positives and improve result quality Manage security exceptions with full audit traceability, including approvals, expiry periods, and mitigation tracking Ensure no critical vulnerabilities are merged into production environments without appropriate governance controls Reporting & Visibility: Build and maintain security posture dashboards across development environments Provide unified visibility across GitLab Secure, Fortify, Tenable, and related tooling Track remediation trends, pipeline efficiency metrics, and exception governance KPIs Desired Candidate Profile Technical Experience: 3+ years of hands-on DevSecOps and CI/CD security engineering experience Strong experience with: GitLab Secure GitLab CI/CD Jenkins Docker Kubernetes Artifactory Experience integrating: Fortify SAST / DAST tools IaC security scanning Container and dependency scanning tools Open-source DevSecOps tooling Strong understanding of secure container image building and hardening Scripting and automation skills using Python, Bash, or PowerShell Security & Governance Knowledge: Understanding of secure software delivery lifecycle practices Familiarity with NIST SSDF, ISO 27001 secure development controls, and modern DevSecOps principles Experience managing security exceptions and audit-ready governance processes Strong knowledge of vulnerability management workflows and remediation lifecycle management Company Industry IT - Software Services Department / Functional Area IT Software Keywords DevSecOps Pipeline Engineer GitLab Secure Get real-time job updates only on our App
Ready to apply?
You are viewing this role on JobSphere AI. Applications are completed on the original employer / source website.
Apply on original siteOpens the employer's site in a new tab
- CompanyClient of Salt
- LocationMorocco - Morocco
- CategoryCybersecurity
- SourceNaukrigulf
- Listed1 month ago
Related Cybersecurity jobs
SOC Engineer
Security Monitoring & Threat Detection • Administration, management, and Support deployment and tuning of OT security tools (Nozomi, Forescout). Monitor OT/ICS…
Priority Banking - Customer Service Representative
1. Client Relationship Management ▸ Resolve customer issues efficiently while ensuring first-contact resolution whenever possible. ▸ Manage customer complaints…
Secretary
Manage executive schedules, ensuring optimal time allocation for meetings, deadlines, and travel, to facilitate smooth operations. Prepare and edit…
Senior Full Stack Developer
We are seeking an experienced Full Stack Engineer with strong Java expertise and modern front-end capabilities to design, build and deliver scalable enterprise…