Zagreb, Croatia

DevSecOps Engineer

Full time Development Remote possible

Are you passionate about IT security? We are looking for a passionate and skilled DevSecOps Engineer to work with our developers and engineers and implement information security and data privacy controls in the Software Development Lifecycle (SDLC). Together with the Cyber Security Team, you will perform the analysis of our internally developed applications and services and propose solutions to protect against the latest threats and vulnerabilities, and define improvement actions. As a DevSecOps Engineer, you will be in a position to directly influence the work of over 50 engineers across dozens of microservices that process hundreds of thousands of bet slips per day through their whole lifecycle!

We’re looking for someone who has:

  • CS or related degree

  • Solid development background and progression as a security expert

  • Knowledge of how to assess current applications and architecture to determine methods for automating security testing and control validation

  • Security testing experience at scale by building and implementing static and dynamic analysis tools, open-source scanning tools, and integrating security into a CI/CD workflow

  • Hands-on experience with tools and technologies used throughout secure SDLC (e.g., Burp Suite, AppScan, Fortify/checkmarx /Veracode, WhiteSource/Blackduck)

  • Experience with containers and orchestration technology such a Docker and Kubernetes

  • Application Security secure software coding practices and OWASP: Open Web Application Security Project

  • Experience in web application security

  • Passion about information security, eager to continuously learn and develop 

Bonus points if you:

  • Are experienced with Cloud Security - AWS/Azure/Google Cloud etc.

  • Are familiar with DevOps, DevSecOps, and Agile SDLC methodologies

  • Know your way around CI/CD processes, toolsets, and version control software like Jenkins, CircleCI, GitLab, GitHub

  • Have experience with Javascript (server- and client-side) and Go

  • Have used DBs such as PostgreSQL, Redis, MongoDB, CockroachDB

  • Are familiar with Kafka-based microservices architecture

What you'll be doing:

  • Be responsible for enabling a secure-by-default approach 

  • Working directly with engineering teams as they're building their services and making sure the key security principles are built into the architecture

  • Enable engineering teams to scan their code for security issues and penetration testing

  • Keep up-to-date on all new security challenges and work with our teams to develop a protection mechanism

You can expect

We want you to be happy. One of the ways we can do that is to make sure that you get rewarded for your achievements and get a fair compensation package for your skills and what you bring to the table.

It's important to take care of yourself. That's why we'll always encourage you to take a vacation and use your free days to hang out with friends & family, and not work overtime. There should always be a balance. This goes for workplace as well.
Work whenever & wherever it suits you and tailor your way of working to your schedule. You have the freedom. As simple as that.

Always striving to go to the next level without impacting the quality of our work means that we are constantly questioning our methods and adopting new practices. 
Conferences, coaching, books, courses, lectures.. you name it. So go on, try out new things and discover new technologies and we'll be there to support you along the way.

Healthy body, healthy mind, right? Stay fit with an activity of your choosing.
And besides regular health checks and 100% covered sick leave, we have your back for other (unexpected) medical expenses.
Focus on getting better and let us take care of the rest.

Nothing can bring you closer to your teammates than out-of-work socializing. That's why every team gets a budget to spend on activities of their choosing. Is it going to be karting or steak fine dining? Maybe a trampoline? Either way, it will include at least one shot.

About Happening

Happening is the technology engine powering Superbet Group's global platforms and brands that bring thrill to customers across the world every day. We are a game-changing tech company rewriting the rules of sports betting and gaming. We are shaking up the status quo by building our own end-to-end tech stack, solving deep and complex challenges for millions of customers and shaping our culture to work uniquely for the tech community. A true challenger, our technology handles serious scale on par with the Big Techs, and customer obsession runs through every team. Building our own platform gives freedom to innovate and flip the legacy perceptions and industry stereotypes.

Should we talk? Let's do it!