Lead DevSecOps Engineer

Hey, are you looking for a new job?

Or are you just a little bit curious? Cool, we might be the right place for you!

Are we a match?

May we introduce ourselves? We’re the SENSORY-MINDS team! We develop the ultimate experience for users of our digital products and for our customers. And also for us. We take this extremely seriously! We create an environment for our "Sensories" that leaves plenty of room for ideas and self-development.

What will your job be?

Key Responsibilities

• Establish the DevSecOps function at Sensory-Minds, defining best practices and security standards across the organisation
• Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning, container scanning)
• Harden infrastructure and runtime environments (Linux, Docker, Kubernetes/AKS)
• Design and enforce cloud security controls in MS Azure
• Define and maintain Infrastructure-as-Code (IaC) security policies
• Implement and manage secrets management solutions
• Build centralized security monitoring and alerting systems
• Lead vulnerability management and threat modeling practices
• Automate workflows through scripting (Python, Bash)
• Partner with backend, infrastructure, and platform engineers to embed security in design and delivery
• Contribute to compliance readiness (ISO 27001, GDPR)
• Act as a security subject-matter expert, mentoring engineers and raising awareness
• Continuously evaluate and implement new security tools and approaches

• 5+ years in Security Engineering / DevSecOps roles, with proven success delivering secure infrastructure and applications
• Strong skills in NodeJs, MongoDB, and Bash for building and automating security workflows
• Deep knowledge of Azure Cloud Security, including IAM least-privilege design, encryption (at rest/in transit), and securing multi-account environments
• Experience implementing security controls in pipelines (SAST, DAST, dependency scanning, container image scanning, policy-as-code)
• Expertise in hardening Linux systems, Docker, Kubernetes/AKS, including RBAC and PodSecurity/OPA/Gatekeeper policies
• Experience with Terraform/Terragrunt, including policy-as-code, drift detection, and compliance enforcement
• Hands-on expertise with Azure Vault, MS Azure Secrets Manager, or equivalent
• Experience with centralized logging, SIEM/SOAR tools, and incident response workflows
• In-depth understanding of secure network design, segmentation, and monitoring
• Experience with tools enabling temporary, approval-based access
• Ability to design and enforce zero trust principles (continuous verification, micro-segmentation, contextual access)
• Understanding of ISO 27001, GDPR, plus experience automating compliance checks with IaC and policy engines

What do we do?

SENSORY-MINDS consists of designers, UX specialists, coders, an HR and office team, and project leads with a focus on digital transformation. We build applications for our long-term clients. They appreciate us for our creativity and agility.

You'll feel right at home here if you..

• Enjoy working in a digital and highly sociable environment
• Are kind and respectful to people and animals
• Take ownership and responsibility for your work
• Are mindful of yourself and others

What you can count on

• Flexible working-from-home model that matches your needs

• A properly equipped office and sponsored massages
• Regular team events, merchandise and lots of (delicious) goodies to make your life more enjoyable
• Training budget
• An annual special payment
• A good feedback culture
• An office and HR team that is open to your suggestions

What's next?

Just send us your CV or LinkedIn profile.

For the hiring process at SENSORY-MINDS, we take a lot of time to get to know you. We want to make sure that you like it here and that we will be a good match.

Can you imagine starting with us? Any further questions? Don’t hesitate to contact us.