You will serve as the bridge between development, operations, and security, building, deploying, and maintaining infrastructure & pipelines that comply with NATO / BQA security standards.
You will lead security automation, enforce compliance, and partner with architects and engineers to embed security deeply in all systems.
Design, implement, and maintain secure CI/CD pipelines and infrastructure
Integrate security controls, scans, and audits into build and deployment workflows
Automate compliance checks, vulnerability scanning, and remediation workflows
Develop IaC (Infrastructure as Code) templates and modules with secure defaults
Harden systems, environments, and services to meet strict security standards
Monitor, respond to, and analyze security incidents in production
Conduct threat modeling, security reviews, and risk assessments
Document security architecture, processes, and incident analyses
Interact with external auditors, compliance teams, and stakeholders
Domain / Security Experience
At least 5 years working in DevSecOps, infrastructure security, or cloud security in regulated, defense, or government environments
Prior exposure to NATO / defense / BQA / similar high-security domain
Cloud & Infrastructure Expertise
Proven hands-on experience with one or more major cloud platforms (AWS, Azure, GCP)
Deep knowledge of VPCs, networking, IAM, security groups, and zero-trust fundamentals
Experience with container orchestration (Kubernetes), serverless, and microservices
CI/CD, Automation & Tooling
Mastery of CI/CD tools (Jenkins, GitLab CI, GitHub Actions, etc.)
Skilled in building secure pipelines with automation, testing, rollback, and artifact control
Infrastructure as Code (Terraform, CloudFormation, Ansible, etc.)
Security, Threat Modeling & Hardening
Expertise in secure design patterns, encryption, identity & access management, key management
Experience with vulnerability scanning (SAST, DAST), code scanning tools, security orchestration
Ability to perform threat modeling, risk assessments, and penetration test integration
Incident Response & Monitoring
Experience establishing and running security monitoring, SIEMs, log management, alerting
Incident response, forensics, root cause analysis
Process Rigor & Compliance
Familiarity with compliance standards (e.g. ISO 27001, NIST, DoD, etc.)
Ability to work under strict change control, audit, and documentation regimes
Strong discipline in versioning, approvals, rollback procedures, backups
Soft Skills & Communication
Excellent English (verbal and written)
Ability to explain complex security issues to non-technical stakeholders
High attention to detail, accountability, reliability
Logistics & Eligibility
Based in Europe, able to engage under contract legally
Willing to undergo security / background checks as required by defense clients
Direct experience with NATO / BQA security projects
Certifications such as CISSP, CISM, AWS / Azure Security, etc.
Hands-on experience with real-time systems, classified environments
Experience with hardware, embedded systems, or network-level security
Competitive contract (remote, European)
Long-term stable engagement
Work at the forefront of secure systems, infrastructure, and defense
High standards, professional environment, opportunities for impact
Your CV / resume, clearly highlighting DevSecOps, security, and defense/regulatory experience
Cover letter addressing how you meet each mandatory requirement
Details or links for past projects in secure / regulated infrastructure contexts
References or contacts able to speak to your performance in security / regulated roles
Note: Applications that do not clearly and specifically demonstrate your fit across all mandatory fields will not be considered.
Please only apply if you fully meet the bar.