Job Specifications
DevSecOps Engineer Profile
Start date 9th of Dec 2025
Long-term
Location Brussels-Hybrid (3 days on site-2 days work from home)
Role Summary:
The DevSecOps Engineer will provide operational, security, and quality assurance expertise for a diverse
ecosystem of Continuous Integration and Continuous Deployment (CI/CD) tools. This includes troubleshooting
user issues, embedding automated security controls, integrating quality gates, and maintaining stable and
compliant CI/CD operations across the platform. The engineer will also support Kubernetes, SonarQube, Nexus,
and Harbor environments, contributing to a secure, automated, and reliable software delivery framework.
Key Responsibilities:
User Support and Issue Resolution
• Act as the primary point of contact for users needing assistance with CI/CD tools.
• Troubleshoot issues across Jira, Confluence, GitHub, Harbor, Nexus, Keycloak, and SonarQube.
• Provide timely and effective solutions for platform-related problems, ensuring high user satisfaction.
Platform Configuration and Maintenance
• Configure and maintain GitHub, Nexus, Keycloak, and SonarQube instances to align with organizational
standards.
• Oversee secure management of artifact and container registries (Nexus and Harbor).
• Support deployments and maintain configurations to ensure continuous availability.
Pipeline Automation and Security Integration
• Develop, enhance, and migrate CI/CD pipelines using GitHub Actions and related tooling.
• Integrate automated quality and security gates (SonarQube, dependency scanning, container scanning).
• Embed DevSecOps practices ensuring early detection and remediation of vulnerabilities in the delivery
chain.
Automation and Scripting
• Develop automation scripts to streamline platform maintenance, compliance checks, and CI/CD setup.
• Use scripting languages (e.g., Python, Bash) to support automation and operational efficiency.
Governance, Security, and Compliance
• Maintain security configurations in Keycloak for authentication and authorization.
• Apply CI/CD security best practices including secrets management, least privilege access, and vulnerability
scanning.
• Ensure that all CI/CD processes include automated checks for security, code quality, test coverage, and
dependency risks.
Brussel hybrid-3 days onsite-Tuesdays, Thursdays and one day flexible (non-negotiable)
The automation part is the core of this role
EU nationality required