DevSecOps engineer (EST timezone)

Would you like to join the leading international intergovernmental organization Allied Command Transformation (ACT), NATO's leading agent for change: driving, facilitating and advocating the continuous improvement of Alliance capabilities to maintain and enhance the military relevance and effectiveness of the Alliance.

We are looking for a passionate DevSecOps engineer who will provide remote support to ACT's digital modernization initiatives with a focus on building resilient, secure and scalable applications across our clients' hybrid and cloud environments. Responsibilities include deploying and operating containerized applications, automating infrastructure through Infrastructure as Code and implementing observability practices to ensure reliability and performance. The role requires close adherence to cybersecurity and zero-trust principles as well as integration of compliance automation and modern service mesh technologies. The engineer will deliver incremental capabilities in agile environments and collaborate with stakeholders to ensure that outputs meet the requirements for security, scalability and operational readiness.

• Deploy and operate containerized services using orchestration frameworks to ensure scalability and resilience.
• Automate infrastructure through Infrastructure as Code (IaC) to provide consistent and repeatable environments.
• Deploy and monitor workloads in cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack).
• Implement site reliability engineering (SRE) and observability practices to ensure resilience, monitoring, logging, metrics and distributed tracing.
• Support high-throughput and service-oriented architectures ensuring resilient and scalable deployments.
• Deliver incremental capabilities in Agile and DevSecOps environments following frameworks such as Scrum, SAFe or Kanban.
• Design and manage secure networking and service meshes (TLS, Istio, Linkerd, API gateways) to ensure encrypted and reliable service-to-service communication.
• Apply zero-trust principles and compliance automation to enforce security policies and validate system compliance.
• Manage identity and access using secure methods for secrets, tokens, certificates and least-privilege access control.

• Minimum 4 years of experience with containerization and orchestration (Docker, Kubernetes, OpenShift).
• Minimum 4 years of experience in designing and maintaining CI/CD pipelines with automated testing and security validation.
• Experience with Infrastructure as Code (Terraform, Ansible, Helm, Pulumi).
• Experience deploying and securing workloads in hybrid/public cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack).
• Experience implementing site reliability engineering and observability practices (Prometheus, Grafana, ELK/Loki, OpenTelemetry).
• Experience implementing scalable, resilient, high-throughput systems and service-oriented architectures.
• Experience delivering capabilities in Agile/DevSecOps environments (Scrum, SAFe, Kanban).
• Experience designing and managing secure networking and service mesh (TLS, Istio, Linkerd, API gateways).
• Experience applying zero-trust principles and compliance automation (OPA, Kyverno, SBOM, CIS benchmarks).
• Experience managing secrets and access policies using modern IAM solutions (Vault, AWS KMS, Azure Key Vault, RBAC/ABAC).
• Fluent English skills (verbal and written).
• Bachelors degree in Computer Science, Engineering or a related field (or equivalent professional experience).
• Willingness to work in EST time zone.