DevSecOps Engineer CI/CD Security Implementation (m/w/x)
Integrating SonarQube and Snyk into GitHub Actions for code quality and security scanning. GitHub Actions, SonarQube, and container scanning experience required. Remote work with flexible hours and a meaningful mission.
Requirements
- GitHub Actions: writing and maintaining workflows
- SonarQube: setup, configuration, quality gates, CI integrations
- Snyk: dependency scanning, GitHub integration, fix automation
- Container scanning: ECR scanning or similar tools
- AWS: ECR, Security Hub, Secrets Manager
- Python: code understanding and review for security
- DAST implementation (OWASP ZAP automation)
- ISO 27001 compliance documentation experience
- AWS GuardDuty and Inspector configuration
- GitHub Advanced Security features
- AWS Certified Security – Specialty
Tasks
- Write YAML configurations
- Commit code to repositories
- Integrate SonarQube into GitHub Actions
- Perform code quality and security scanning
- Configure quality gates for Python, R, and PHP
- Set up branch analysis
- Implement PR decoration
- Implement Snyk for dependency scanning
- Configure Snyk for Python, R, and PHP projects
- Set up automated fix PRs
- Track dependency vulnerabilities
- Integrate Snyk with GitHub
- Configure AWS ECR Enhanced Scanning
- Set up ECR scan-on-push
- Route ECR findings to Security Hub
- Create Dockerfile security best practices
- Develop base image guidelines
- Configure GitHub secret scanning
- Implement GitHub push protection
- Set up pre-commit hooks
- Integrate AWS Secrets Manager patterns
- Create security gates to block deployments
- Configure severity thresholds for findings
- Establish exception workflows
- Document configurations for ISO 27001 audits
Work Experience
- approx. 1 - 4 years
Education
- Vocational certification OR
- Bachelor's degree OR
- Master's degree
Languages
- English – Business Fluent
Tools & Technologies
- GitHub Actions
- SonarQube
- Snyk
- ECR
- AWS
- Python
- OWASP ZAP
- GitHub Advanced Security
Benefits
Flexible Working
- Remote work
- Flexible working hours
Mentorship & Coaching
- Professional onboarding
Purpose-Driven Work
- Meaningful mission
- Independent work
About the Company
GRAS Global Risk Assessment Services GmbH
Industry
Consulting
Description
GRAS Global Risk Assessment Services GmbH is an international team of experts providing global risk assessment services for a sustainable future.