About the job Senior Devops Engineer (AWS/GITHub) - Remote Portugal
**DevSecOps Engineer (GitHub Actions/SonarQube/Kubernetes) – Full Remote Portugal**
**ABOUT THE OPPORTUNITY**
This is a hands-on DevSecOps role for an engineer who lives in the pipeline — someone who finds satisfaction in making builds faster, releases safer, and security invisible to the developer. You'll be working at the intersection of CI/CD engineering, application security tooling, and container infrastructure in an environment where DevSecOps is a first-class concern, not a compliance checkbox. If you've built and hardened complex pipelines from the ground up and you care about the quality of what ships, this is your kind of work.
**PROJECT & CONTEXT**
You'll design, build, and continuously improve CI/CD pipelines supporting scalable application build and release processes across multiple tech stacks. The scope covers the full DevSecOps lifecycle — source control governance, workflow automation via GitHub Actions, security scanning integration (SCA, SAST, DAST), containerised application delivery, and artifact management. You'll work closely with development teams to embed security and quality gates without slowing delivery down.
**WHAT WE'RE LOOKING FOR**
**Experience**
- Solid hands-on experience in a **DevSecOps, CI/CD Engineering, or Platform Engineering** role
- **Fluent English** — written and spoken, for cross-team collaboration and technical documentation
**CI/CD & Source Control**
- Deep practical experience with **GitHub**, including **GitHub Actions** and **GitHub Enterprise** features
- Strong command of **Git branching strategies** and **GitOps workflows**
- Experience with GitOps tooling: **ArgoCD or FluxCD**
**DevSecOps & Security Tooling**
- Hands-on integration of **DevSecOps tools** across the SDLC:
- **SCA** (Software Composition Analysis)
- **SAST** (Static Application Security Testing) — **SonarQube, Checkmarx**
- **DAST** (Dynamic Application Security Testing) — **Prisma Cloud** or equivalent
- Ability to embed security gates into pipelines without blocking developer velocity
**Automation & Scripting**
- Scripting proficiency in **Shell (Bash)** and **Python** for build and operational automation
- Pipeline design experience for **Maven/Java** and **Node.js** application workflows
**Containers & Infrastructure**
- Hands-on with container image creation, **Helm chart** configuration, and deployment processes
- Exposure to container orchestration platforms: **AWS EKS, OpenShift, or Azure AKS**
- Artifact management with **Sonatype Nexus**
**NICE TO HAVE**
- Experience with monitoring and observability tooling, particularly **Datadog**
- Deeper platform experience across multiple Kubernetes distributions (EKS + OpenShift, AKS + EKS, etc.)
- Familiarity with **infrastructure-as-code** tooling (Terraform, Pulumi) alongside pipeline work
- Background in **regulated or security-sensitive environments** where compliance pipelines are standard
- Experience with **multi-team or enterprise-scale** GitHub Enterprise rollouts