DevOpsEngineer(security)

About the job The world’s most critical--and at-risk--business applications have been neglected for far too long. Onapsis eliminates this blind spot by providing cybersecurity solutions dedicated to business-critical applications. Onapsis helps nearly 30% of the Forbes Global 100 understand the threats and risks across their SAP and Oracle landscapes, whether running on-premises, in the cloud, or in a hybrid environment. We are looking for self-motivated and enthusiastic DevSecOps Engineer who want to impact cybersecurity by continuing to advance, maintain, and enhance our platform features in Threat Detection & Response, Vulnerability Management, and Compliance Automation. What you will be doing, your legacy: Working closely with leadership, product management, and our Engineering and Operations teams to design and implement security-focused capabilities across the SDLC using Shift-Left-On-Security principles. This role partners with InfoSec, Technical Operations, and Platform Engineering teams to ensure CI/CD frameworks, infrastructure, and automation tooling are secure by design, resilient, and capable of protecting our customers at scale. Key Responsibilities: Security Automation & CI/CD: Embed, maintain, and optimize automated security testing (SAST, DAST, SCA) directly into GitLab CI/CD pipelines. Vulnerability & Patch Management: Perform platform security assessments, verify reported exploits, and support vulnerability remediation activities. Security Compliance: Participate in security audits, provide actionable feedback, and coordinate with engineering teams to meet compliance timelines and regulatory standards. Penetration Testing Enablement: Provision and configure isolated test environments, deploy target application builds, and coordinate secure access requirements for penetration testing activities. Security Operations & Incident Response: Collaborate with cross-functional teams to evaluate security releases, generate compliance reports, and support se