Lead DevSecOps Engineer for Ciklum Digital

Kyiv, Amosova, Ukraine


Ciklum is a top-five global Software Engineering and Solutions Company. Our 3,000+ IT professionals are located in the offices and delivery centres in Ukraine, Belarus, Poland and Spain.

As Ciklum employee, you'll have the unique possibility to communicate directly with the client when working in Extended Teams. Besides, Ciklum is the place to make your tech ideas tangible. The Vital Signs Monitor for the Children’s Cardiac Center as well as Smart Defibrillator, the winner of the US IoT World Hackathon, are among the cool things Ciklumers have developed.

Ciklum is a technology partner for Google, Intel, Micron, and hundreds of world-known companies. We are looking forward to seeing you as a part of our team!

Read more about the client


Ciklum Digital is looking for Lead DevSecOps Engineer for our team in Kyiv on full-time basis.

We are looking for a DevSecOps Lead to provide enterprise-level security practices to our customers. You will audit and configure software and tools to help our customers embed security into the delivery process of the developed applications and infrastructure.

DevSecOps responsibilities include auditing the infrastructure and delivery flow, infrastructure hardening, configuring SSO, logging and alerting, configuring DDoS protection, IAM policies, role-based access, key management, provide architecture expertise in infrastructure security planning process, etc. In this role you will also review delivery pipelines to ensure that security best practices are embedded into the process on all levels.

Our Customer is a financial service company that provides supply chain finance across Europe, North America and Asia.

Ciklum is building a team to work on various projects which primary goal is to improve and automate the customer’s business processes, reduce time and efforts, required for various operations


  • Creating security roadmap
  • Embed security best practices into delivery flow to ensure applications and infrastructure security from development to production:
    • Collaborate with DevOps, developers, and QA to secure the deliverables;
    • Support the teams to implement the security best practices;
    • Troubleshoot issues and remove blockers with the security to maintain secure delivery;
    • Measure the security and use this data to prioritise work to continually improve it.
  • Engineering tasks:
    • Enable centralised monitoring, logging, reporting and alerting tooling that client’s teams integrate with;
    • Enable SSO and per-user usage logging in the delivery tools;
    • Enable secret management between teams and environments;
    • Design and enable network security with health checks and alerts;
    • Enable DDoS protection;
    • Enable disaster recovery for critical components.
  • Collaboration with Delivery, DevOps, and Security teams in:
    • Auditing infrastructure for vulnerabilities;
    • Resolving security issues;
    • Providing detailed security baseline requirements for all teams;
    • Securing environments and supportive infrastructure;
    • Delivery flow refinements to embed security;
    • Security quality gates implementation refinements;
    • Code and infrastructure review.
  • Team management:
    • Interviewing and hiring potential team members;
    • Tasks decomposition and prioritization;
    • Review quality of DevSecOps team deliverables;
    • Protecting the team from unnecessary interruptions and distractions;
    • Organization and facilitation of standard scrum meetings;
    • Establishing an environment where the team can be effective;
    • Ensuring a good relationship between the team and product owners as well as others outside the team;
    • Status reporting including key risks and issues;
    • Facilitating the backlog grooming and estimation process;
    • Participate in demonstrations to Customer;
    • Demonstrate to the development teams and customer each sprint the continual improvement made by the DevSecOps team.


  • Security audit framework greed with stakeholders;
  • Environment and infrastructure security design agreed with stakeholders;
  • Secure Delivery flow agreed with stakeholders;
  • Central Monitoring, logging, reporting and alerting architecture and design and agree with stakeholders;
  • Refined, prioritized team backlog supporting points above;
  • Document working processes and baselines for the SecOps team;
  • Agreements between Delivery, Platform and QA teams.


  • Docker, AWS and git experience as a must;
  • CloudFormation experience as a must;
  • Experience with SSO concepts;
  • Experience in automation builds and tests;
  • Experience with vulnerability discovery tools;
  • Experience in CI/CD automation tools (Jenkins/Bitbucket/etc);
  • Experience with code quality tools;
  • Experience with microservices design;
  • Strong knowledge of best security practices and methodologies;
  • Experience in logging and application monitoring tools.

Personal skills

  • Influential over design and development strategy;
  • Collaborative and supportive of other teams;
  • Able to embed security best practice in all teams and calling out where this is not being followed;
  • Observant and uses of data to make evidence based decisions with a view to continually improving the security of delivery from developers to Production;
  • Attention to details;
  • System thinking;
  • Responsible;
  • Honest;
  • Empathetic;
  • Self-Managed;
  • Respected and inspiring;
  • Sociable.

What's in it for you

  • Career growth opportunities;
  • Realization of your innovative ideas in building new Ciklum Solutions and Services;
  • Friendly collaborative teams and enjoyable working environment;
  • Professional skills development and training programs;
  • Variety of knowledge sharing, training and self-development opportunities;
  • State of the art, cool, centrally located offices with warm atmosphere which creates really good working conditions.