DevSecOps Engineer

• Named the #1 Restaurant POS by G2(Fall 2025) based on ratings from real users
• Rated thetop-rated point-of-sale(POS) for restaurants bars retail and small businesses by Capterra users
• AwardedGreat Places to Workand Built InsBest Workplacesfor multiple years running

On a daily basis you will:

• Design implement and maintain AWS security controls and infrastructure using Terraform.
• Manage AWS Identity & Access Management (IAM) policies roles and permissions for least privilege.
• Configure and monitor AWS-native security services (GuardDuty Security Hub WAF CloudTrail).
• Build and manage Zscaler configurations as code to enforce Zero Trust principles.
• Build and manage Okta configurations as code for policies groups and application integrations.
• Detect and remediate cloud misconfigurations ensuring compliance with frameworks such as SOC 2 and PCI DSS.
• Support incident response by providing visibility into AWS resources and logs.

What skill are we looking for

• Strong experience with AWS services (IAM VPC EC2 S3 Lambda WAF).
• Willing to come into our Kraków or Gdańsk office 2-3 times per week.
• Experience writing and maintaining infrastructure-as-code for AWS and Okta (TerraformOkta provider or similar).
• Knowledge of cloud security best practices and compliance frameworks (SOC 2 and PCI).
• Familiarity with monitoring/logging (CloudWatch Grafana SIEM).
• Experience managing Zscaler policies as part of enterprise security architecture.
• Strong problem-solving skills and ability to collaborate with cross-functional teams.
• Experience with automation and scripting (Python Go or similar).

Heres a bit about what we have to offer:

• Competitive pay:19 500 - 24 400 PLN net on B2B; 16 500 - 20 000 PLN gross on CoE.
• Training budget 3500 PLN gross per year.
• Access to e-learning platforms (OReilly).
• Fully paid private healthcare in LuxMed.
• Access to the Worksmile platform with a monthly top-up.
• Subsidized access to breakfast and lunch through the vending machine in Kraków office and lunches in Gdańsk office once a week.
• Group English classes with a native speaker.
• New Macbook Pro 4K monitors or whatever tools you need.
• Flexible working hours.
• New modern bright and comfortable office space in the city centre.
• A lot of free parking spots around the office.
• Access to the companys library.
• Great working atmosphere.
• Chill out room with a PlayStation and games.
• Free snacks and beverages in a kitchen.
• Company parties and social activities.
• Employee referral program.
• Relocation Package within Poland.

The controller of your personal data included in your job offer and others collected during the recruitment process is SpotOn Poland spółka z ograniczoną odpowiedzialnością with its registered office in Kraków Aleja 29 listopada 20 31-401 Kraków e-mail address:
. We will process your personal data for the purpose of current or if you voluntarily agree also future recruitment processes. More information about how we proccess your data including the basis for processing and your rights in relation to the processing can be found on our website: podanych danych osobowych w tym danych zawartych w dokumentach aplikacyjnych i zebranych w toku procesu rekrutacji jest SpotOn Poland Sp. z o.o. z siedzibą w Krakowie (ul. Aleja 29 listopada 20 31-401 Kraków; adres e-mail do kontaktu:
. Dane osobowe będą przetwarzane w celu realizacji obecnych lub jeżeli wyrazisz na to dobrowolną zgodę także przyszłych procesów rekrutacji. Więcej informacji o tym jak przetwarzamy Twoje dane w tym także informacje o podstawach prawnych przetwarzania oraz o prawach przysługujących Ci w związku z przetwarzaniem danych znajdziesz na stronie:
is an equal employment opportunity employer. Qualified candidates are considered for employment without regard to race religion gender gender identity sexual orientation national origin age military or veteran status disability or any other characteristic protected by applicable law.

SpotOn is an e-verify company.