
DevSecOps Engineer CI/CD Security Implementation (Freelancer)

Remote
Part-time
Freelancing

Your Tasks

You will be writing YAML, configuring tools, and committing code: 

SAST – Static Application Security Testing 

- Integrate SonarQube into GitHub Actions for code quality and security scanning
- Configure quality gates and security rules for Python, R, and PHP codebases 
- Set up branch analysis and PR decoration 

Dependency Scanning & SCA 

- Implement Snyk for dependency vulnerability scanning in CI pipelines 
- Configure Snyk for Python, R, and PHP projects 
- Set up automated fix PRs and vulnerability tracking 
- Integrate Snyk with GitHub for continuous monitoring 

Container Image Security 

- Configure AWS ECR Enhanced Scanning for container images 
- Set up ECR scan-on-push and findings routing to Security Hub 
- Create Dockerfile security best practices and base image guidelines 

Secret Scanning & Management 

- Configure GitHub secret scanning and push protection 
- Implement pre-commit hooks 
- Set up AWS Secrets Manager integration patterns for applications 

Security Gates & Pipeline Governance 

- Create security gates that block deployments on critical/high findings 
- Configure severity thresholds and exception workflows 
- Document all configurations for ISO 27001 audit evidence 

Your Profile

You must have hands-on implementation experience with: 

- GitHub Actions: writing and maintaining complex workflows
- SonarQube: setup, configuration, quality gates, CI integrations
- Snyk: dependency scanning, GitHub integration, fix automation
- Container scanning: ECR scanning, or similar tools 
- AWS: ECR, Security Hub, Secrets Manager 
- Python: enough to understand and review Python code for security 

Nice to Have 

- DAST implementation (OWASP ZAP automation)
- ISO 27001 compliance documentation experience 
- AWS GuardDuty and Inspector configuration 
- GitHub Advanced Security features 
- AWS Certified Security – Specialty

Why us?

We are an international and diverse team of passionate and experienced experts, joining forces for a sustainable future! We believe that our team is our core asset and we support our people as best we can.

To help you build your future and thrive with us, we offer:

- Remote work and flexible working hours
- Competitive compensation
- Professional onboarding to help you have an ideal start with us
- Being part of a meaningful mission to a more sustainable future
- The opportunity to work independently

Ready to join our team?

We are looking forward to your application and hope to welcome you to our team soon!

We are a company with equal opportunities for everyone and encourage applications from all suitably qualified candidates regardless of age, race, gender or any other criterion that is not a professional qualification for an open position.

About us

Global Risk Assessment Services (GRAS) is an innovative service and information provider offering environmental and social knowledge for fully traceable and sustainable supply chains. GRAS helps agricultural producers, processors, traders, auditors, brand owners, NGOs, and investors to assess and monitor their sustainability risks. GRAS offers mapping and tracking tools, mobile apps, dashboards and databases for the verification of compliance with sustainability requirements and improvement measures.

Our close-knit team of dedicated, supportive, and highly motivated professionals at GRAS comes from a variety of backgrounds, which contributes to the diverse and dynamic work environment. We all work together with a shared enthusiasm for sustainability and a common objective. We look forward to having you join our team at the ISCC headquarters in Cologne if you think we are a good fit for you.