DevSecOps Engineer

Role: DevSecOps Engineer
Location: Prague
Contract type: full time

About Carrier

At Carrier we make modern life possible by delivering innovative and sustainable ground-breaking systems and services that matter for people and our planet. We exceed the expectations of our customers by anticipating industry trends working tirelessly to master and revolutionize them. This is why we come to work every day. And we do it The Carrier Way.

Join us and we can make a difference together.

About the role

The DevSecOps Engineer is a hands-on technical contributor responsible for building and maintaining secure automated software delivery pipelines. This role focuses on integrating security controls into DevOps workflows supporting development teams and improving security posture through repeatable tooling automation and best practices.

Benefits

We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary.

Among the many benefits Carrier offers Exciting innovative environment possibility for further development and international career opportunities high-profile team daily use of English and other foreign languages language courses Competitive remuneration and other benefits (meal vouchers contribution to life or pension insurance holidays etc.) Flexible working hours possibility for home office sick days.

Requirements

• Hands-on experience with CI/CD platforms (Azure DevOps GitHub Actions GitLab Jenkins).
• Strong scripting and automation skills (Python PowerShell or Bash).
• Experience integrating security tooling (SAST/SCA/DAST IaC scanning container scanning).
• Working knowledge of cloud platforms (Azure AWS or GCP) and cloud-native security services.
• Proficiency with containers (Docker) and orchestration basics (Kubernetes fundamentals).
• Understanding of secure coding concepts and common vulnerabilities (OWASP Top 10).
• Familiarity with SIEM/SOAR tools and basic incident response procedures.
• Experience with Kubernetes security (RBAC network policies PSP/Pod Security Standards).
• Knowledge of secrets management (Vault Key Vault AWS Secrets Manager).
• Exposure to compliance frameworks (NIST SOC2 CIS Benchmarks).
• Contributions to DevSecOps playbooks patterns or reusable automation components.

Responsibilities

• Implement and maintain security automation in CI/CD pipelines (SAST SCA DAST secrets scanning container scanning).
• Collaborate with development and platform teams to embed secure-by-design principles
• into SDLC processes.
• Develop and maintain Infrastructure-as-Code templates (Terraform Bicep CloudFormation) with a focus on secure configuration and compliance.
• Monitor and remediate vulnerabilities across cloud application and container environments.
• Maintain and operate tooling such as artifact repositories container registries and scanning platforms.
• Provide technical guidance to application teams on secure coding CI/CD adoption and cloud security patterns.
• Contribute to documentation standards and reusable modules that enhance engineering efficiency.
• Participate in incident response activities and provide root-cause analysis related to security findings.

Our commitment to you

Our greatest assets are the expertise creativity and passion of our employees. We strive to provide a great place to work that attracts develops and retains the best talent promotes employee engagement fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices providing enriching career opportunities listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way.

Join us and make a difference.

Apply Now!

Pay Range: