Your responsibilities, Design and maintain Groovy pipeline steps (build, test, package, scan, deploy), Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation, Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch), Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling), Refactor legacy scripts (remove global state, consolidate hashing, standardize templates), Document ci-config.yaml standards and usage patterns, Mentor engineers on secure pipeline development and supply-chain practices, Troubleshoot and prevent pipeline incidents, Note: Detailed project information will be shared during the recruitment process.

7+ years of engineering experience; 3+ years in CI/CD platform or DevSecOps, Strong Jenkins + Groovy shared library expertise, Advanced Python automation (JSON/YAML processing, tooling scripts), Deep knowledge of Maven/NPM/Python packaging; exposure to Helm/Terraform and container image metadata, Supply-chain security (SLSA, CycloneDX SBOM, digests), Experience with SonarQube, Sonatype IQ, container and SAST scanning, Proven performance tuning (caching, parallelization, dependency pruning), Compliance awareness

Optional, Artifact signing / attestations (cosign, OCI), Terraform module and Helm chart publishing patterns, GitOps or release automation experience, GCP/AWS cloud experience

This is how we work, agile, scrum

This is how we work on a project, Continuous Deployment, Continuous Integration

What we offer, Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.), Hybrid work setup – 6 days per month in the office (Kraków), Collaborative team culture – work alongside experienced professionals eager to share knowledge, Continuous development – access to training platforms and growth opportunities, Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more, High quality equipment – laptop and essential software provided

Benefits, sharing the costs of sports activities, private medical care, sharing the costs of professional training & courses, life insurance

additional-module

Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.

Mindbox Sp. z o.o., At Mindbox, we connect top IT talents with technology projects for leading enterprises across Europe., Our focus is on matching your skills with work that matters – projects that use modern tech stacks, solve real business challenges, and give you space to grow. By joining us, you’ll deliver technology solutions for well-known brands, supported by the Mindbox team that values knowledge-sharing and continuous development. We make sure you have the tools, flexibility, and guidance to do your best work – and to keep moving forward in your career.

About the project

We are looking for a DevSecOps Engineer to design, build, and operate a Jenkins-based, developer-focused pipeline platform that enables thousands of builds per day across Java, Node.js, Python, and cloud-native workloads. Our Client's mission is to make secure delivery the default and great developer experience the norm.

You will own and evolve our Client's Jenkins Shared Library, powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Your work will deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.

Sounds like your kind of challenge?

This is how we work on a project, Continuous Deployment, Continuous Integration

additional-module

Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.

About the project

We are looking for a DevSecOps Engineer to design, build, and operate a Jenkins-based, developer-focused pipeline platform that enables thousands of builds per day across Java, Node.js, Python, and cloud-native workloads. Our Client's mission is to make secure delivery the default and great developer experience the norm.

You will own and evolve our Client's Jenkins Shared Library, powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Your work will deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.

Sounds like your kind of challenge?

Your responsibilities

• Design and maintain Groovy pipeline steps (build, test, package, scan, deploy)
• Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation
• Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch)
• Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling)
• Refactor legacy scripts (remove global state, consolidate hashing, standardize templates)
• Document ci-config.yaml standards and usage patterns
• Mentor engineers on secure pipeline development and supply-chain practices
• Troubleshoot and prevent pipeline incidents
• Note: Detailed project information will be shared during the recruitment process.

Benefits, sharing the costs of sports activities, private medical care, sharing the costs of professional training & courses, life insurance

additional-module

Joining this project you’ll become part of Mindbox – a tech-driven company where consulting, engineering, and talent meet to build meaningful digital solutions. We’ll back you up every step of the way, accelerate your development, and ensure your skills make a difference.

Mindbox Sp. z o.o., At Mindbox, we connect top IT talents with technology projects for leading enterprises across Europe., Our focus is on matching your skills with work that matters – projects that use modern tech stacks, solve real business challenges, and give you space to grow. By joining us, you’ll deliver technology solutions for well-known brands, supported by the Mindbox team that values knowledge-sharing and continuous development. We make sure you have the tools, flexibility, and guidance to do your best work – and to keep moving forward in your career.

About the project

We are looking for a DevSecOps Engineer to design, build, and operate a Jenkins-based, developer-focused pipeline platform that enables thousands of builds per day across Java, Node.js, Python, and cloud-native workloads. Our Client's mission is to make secure delivery the default and great developer experience the norm.

You will own and evolve our Client's Jenkins Shared Library, powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Your work will deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.

Sounds like your kind of challenge?