DescriptionTake ownership of complex technological problems. At monday.com, we help teams get more work done. We are the best AI work platform that empowers teams to automate, build, and scale their impact end-to-end with tools that actually execute the work for you. With over $1B in ARR, 250,000+ customers, and a global team, we’re serious about building a product people love to use and giving our employees the same ownership and flexibility to shape the way the world works. We’re looking for a Senior DevSecOps to join our team, where you’ll have the chance to grow your career while solving impactful, high-scale problems. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls, and managing our Cloud Security Posture. A person in this role will be a part of the team serving a key entity in communication and synchronization between the several groups of stakeholders (Infrastructure, Development, Security), fostering a culture of security awareness and collaboration across all the teams. We fully embrace the AI revolution and we equip you with AI-powered IDEs, customizable agent rules, prompt engineering tools to streamline your workflow and AI-infused CI/CD pipelines designed to boost speed and reliability. You'll also tap into AI-driven insights, helping you make smarter decisions, faster. The role is based in our Warsaw office - established in 2022, it is a growing hub for engineers who love solving impactful problems. Teams here work on a broad range of challenges that push the boundaries of our products and infrastructure. Dive into these blog posts to discover the kind of work that could be waiting for you: - Detecting traffic anomalies at scale - Managing Trace Volume at monday.com - How we mastered Content Security Policy - Guarding the herd – managing database servers at scale About The RoleSecuring CI/CD Pipelines: - Implement and manage security controls for CI/CD pipelines. - Automate security testing and vulnerability management within the CI/CD process using tools like Terraform. - Collaborate with development teams to integrate security best practices and policies. Working with WAFs: - Configure and manage Web Application Firewalls (WAFs) such as Cloudflare to protect web applications from security threats. - Monitor and update WAF rules to respond to new vulnerabilities and attack vectors. - Conduct regular security assessments and audits of WAF configurations. Cloud Security Posture Management: - Develop and implement cloud security best practices and policies. - Continuously monitor cloud environments using tools like AWS Guard Duty, Wiz, Orca, DataDog and similar to ensure compliance with security standards. - Collaborate with cloud operations teams to identify and remediate security risks. - Managing security cloud configuration with tools like Terraform and CDK. Implementing Security Self Service approach: - Development security tools in the organization IDP - Testing/performing PoC of new security tools to increase efficiency development practices in the security context and foster Secure by Design principle. Requirements - 5+ years of experience in DevOps/DevSecOps or related roles. - Passion for keeping systems secure. - Proficiency in any of languages Python/Go/Typescript. - Experience with Kubernetes. - Strong understanding of operating systems and networking. - Expertise implementing Shift Left/Secure by Design inside CI/CD pipelines using SAST/DAST tools such SonarQube, Dependabot alert, Wiz and others. - Experience with configuring and managing Web Application Firewalls (WAFs) such as AWS WAF, Cloudflare, or similar. - Excellent problem-solving and communication skills. Salary & Compensation At monday.com, our total compensation package includes: - Base salary - Bonus target - Restricted Stock Units (RSUs) The total target monthly compensation for this role ranges from 49,000 PLN to 59,000 PLN. The total compensation package shown here reflects the current monday.com stock price and may change over time as the stock price varies. The target bonus and RSU grant are discretionary, depend on individual and company performance, and are subject to Board approval and the company’s equity plan, in line with monday.com’s bonus policy as updated from time to time. The benefits listed reflect programs currently offered in Poland; availability and terms may vary depending on the role, contract type, and company policy. These details do not constitute an employment offer or guarantee and may be modified at the company’s discretion, in accordance with applicable law. What monday.com can offer you:  - Opportunity to join an innovative, proven company with big ambitions, competitive salary and benefits, bonus potential, and some roles are eligible to take part in the company equity incentive program. - A team that values transparency and collaboration while having fun while we work. - From Monday to Wednesday, we'll fuel your day with free breakfast and lunch in the office. - Comprehensive private medical care, life insurance, and a Multisport card to keep you active and healthy. - We care of employee's mental health as well - you will get access to Calm Mindfulness App. - Get awesome discounts on our partners' products and services. - Regular team get-togethers and fun events, plus special gifts to mark your birthday and work anniversaries. - Fully dedicated learning and development team that provides opportunities for employees to grow, gain new skills, master AI tools, and participate in workshops - Award winning work environment - named a "Best Place to Work" by Built In as well as "Great Place To Work" certified. - We foster diversity, inclusion, and belonging through our Employee Resource Groups in addition to providing access to resources and education to support our team, facilitate conversations, and encourage understanding. - A global work environment with employees in New York, Tel Aviv, London, Sydney, São Paulo, Tokyo, and more. Social TitleDevSecOps Engineer Social Descriptionmonday.com is seeking a skilled DevSecOps Engineer to join our growing team. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls (WAFs), and managing our Cloud Security Posture. If you are passionate about security and have the skills and experience to make an impact, we encourage you to apply!

Company Description Nexthink is the leader in digital employee experience management software. The company provides IT leaders with unprecedented insight allowing them to see, diagnose and fix issues at scale impacting employees anywhere, with any application or network, before employees notice the issue. As the first solution to allow IT to progress from reactive problem solving to proactive optimization, Nexthink enables its more than 1,300 customers to provide better digital experiences to more than 18 million employees. Dual headquartered in Lausanne, Switzerland and Boston, Massachusetts, Nexthink has 9 offices worldwide. #LI-Hybrid Job Description We are looking for an experienced, proactive and innovative professional that is keen to join as a Senior Site Reliability Engineer! The mission of Nexthink's SRE team is to strengthen our infrastructure and enhance our ability to deploy, monitor, and scale systems effectively and reliably. They work closely with over 50 Product Engineering teams that develop our products and services, as well as with the Technical Platform Engineering, Security and Architecture teams to understand the reliability requirements, design and implement solutions, and promote them for adoption and usage. Join our vibrant team of diverse and experienced engineers where cutting-edge technology meets innovation. Be a part of Nexthink's Digital Employee Experience technological revolution, ensuring our global customers enjoy a seamless user experience. Apply now and become a key player in our dynamic SRE organisation. As a Senior Site Reliability Engineer, you will: - Implement and manage cloud-native systems (AWS) using best-in-class tools and automation. - Operate and enhance Kubernetes clusters, deployment pipelines, and service meshes to support rapid delivery cycles. - Design, build, and maintain the infrastructure powering our multi-tenant SaaS platform with reliability, security, and scalability in mind. - Define and maintain SLOs, SLAs, and error budgets, and proactively address availability and performance issues. - Develop infrastructure-as-code (Terraform or similar) for repeatable and auditable provisioning. - Build internal platform tools and automation to support provisioning, monitoring, and operational efficiency. - Monitor infrastructure and applications ensuring high-quality user experiences. - Participate in a shared on-call rotation, responding to incidents, troubleshooting outages, and driving timely resolution and communication. - Act as an Incident Commander during the on-call duty and coordinate cross-team responses effectively to maintain an SLA. - Drive and refine incident response processes, reducing Mean Time to Detect (MTTD) and Mean Time to Recovery (MTTR). - Diagnose and resolve complex issues independently, minimizing the need for external escalation. - Work closely with software engineers to embed observability, fault tolerance, and reliability principles into service design. - Automate runbooks, health checks, and alerting to support reliable operations with minimal manual intervention. - Support automated testing, canary deployments, and rollback strategies to ensure safe, fast, and reliable releases. - Contribute to security best practices, compliance automation, and cost optimization. Qualifications - Minimum Bachelor's degree in Computer Science or equivalent practical experience. - 5+ years of experience as a Site Reliability Engineer or Platform Engineer with strong knowledge of software development best practices. - Strong hands-on experience with public cloud services (AWS, GCP, Azure) and supporting SaaS product. - Strong programming or scripting skills (e.g., Python, Go, Bash...), and experience with infrastructure-as-code (e.g. Terraform). - Proficiency with Kubernetes, container-based deployment (e.g., Docker) and related ecosystems (e.g., Helm). - Experience supporting multi-tenant microservices architectures. - Experience with CI/CD pipelines & tools (e.g., Jenkins, GitHub Actions, GitLab CI, FluxCD, Crossplane). - Experience with managing monitoring solutions (e.g. Datadog). - Comfortable participating in a rotating on-call schedule, managing critical incidents, and leading post-incident reviews. - At ease with operating and managing production systems, striking the right balance between urgency and methodology. - Strong system-level troubleshooting skills and a proactive mindset toward incident prevention. - Deep understanding of Linux systems, networking, and common troubleshooting practices. - Solid understanding of the network stack (e.g., TCP/IP, VPN, etc.), cloud architectures (VPC, subnets, firewalls, load balancers), service mesh (e.g., Istio) and storage (e.g., S3, EBS, etc). - Knowledge of zero-downtime deployment strategies, blue/green and canary releases. - Exposure to compliance standards such as SOC 2, ISO 27001, or HIPAA. FedRAMP experience is a big plus. - Experience with chaos engineering or resilience testing practices. - Excellent problem-solving skills, collaborative mindset, and a strong grasp of agile, iterative development. - Self-driven, highly organised, and capable of independently managing priorities. - Curiosity to learn new things and discover new technologies. - Strong communication, presentation, and team collaboration skills. - Excellent written and verbal skills in English. - The prior experience with any of the above-mentioned tools is a bonus, but not a must! We encourage you to apply even if you do not meet every single requirement. We welcome candidates with different level of background and experience. If you are excited about this role, please apply and our recruiters will assess your application. Additional Information We are the pioneers and trailblazers of a global IT Market Category (DEX) that is shaping the future of how the world works, giving our customers' IT Teams total digital visibility across their enterprise. Our innovative solutions integrate real-time analytics, automation, and employee feedback across all endpoints. This enables our IT teams to solve complex technical challenges, create ever more productive workplaces, and deliver happy, satisfied employees in the digital workplace. With over 1000 employees across 5 continents, Nexthink operates as One Team, connecting, collaborating and innovating to continuously grow. We call our employees 'Nexthinkers' and our commitment to diversity, inclusion, and equity is second to none. We currently have over 75 nationalities working with us, from all cultures and backgrounds, speaking many different languages.

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today! Job Details This role is in support of Cencora's global pharma consulting services marketed through our PharmaLex business. The purpose of this role is to own and lead the DevOps function, helping teams ship software faster and more safely by building and improving Azure infrastructure and CI/CD pipelines, driving automation and a shift-left culture, and mentoring engineers. Responsibilities: - Define and drive the DevOps Vision and using Agile best practices - Set direction, standards, and best practices for the team - Lead the design of scalable, secure, and reliable infrastructure and delivery pipelines - Establish and maintain CI/CD pipelines for multiple applications and services - Align DevOps initiatives with engineering, product, and business goals - Ensure high-quality engineering is demonstrated across the team - Design, deploy and maintain cloud infrastructure (Azure) - Mentor engineers and promote knowledge sharing - Facilitate clear communication between the different departments - Advocate DevOps culture across the teams looking to shift-left wherever possible #LI-VC1 Requirements: - 6+ years in DevOps/Cloud/Platform Engineering roles - 2+ years in a technical leadership or team lead capacity - Strong hands-on experience with Microsoft Azure (VMs/networking/Storage, AKS, App Services, Keyvault) - Deep experience with Kubernetes in production environments - Strong infrastructure as code experience, mainly Terraform/Helm - Strong CI/CD experience, ideally with Azure DevOps - Candidates must be based in Poland ( ideally located near Lublin ) or the United Kingdom - Functional development/coding ability with at least one language - Golang/Python/PowerShell/bash - Strong understanding of networking, security, and cloud architecture - Experience working in cross-functional engineering teams - Familiar with observability platforms - Cloudflare/Edge/WAF knowledge - will be a plus - LLM experience - will be a plus - Minimum of 5 GCSEs at grades A-C (9-4)* including Maths and English, or equivalent high school diploma - Works under broad direction and often self-initiates tasks - Makes decisions impacting results and deadlines - Demonstrates leadership in operational management and encourages learning and growth - Understands and evaluates the organizational impact of new technologies and digital services What Cencora offers Benefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements. Full time Affiliated Companies Affiliated Companies: PhlexGlobal Limited Equal Employment Opportunity Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law. The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory. Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

• Lead Craft’s FedRAMP readiness program — defining the roadmap, owning the ATO timeline, and driving execution across engineering and security stakeholders. • Design and implement AWS GovCloud architecture that meets FedRAMP Moderate and High requirements. • Translate NIST 800-53 Rev. 5 controls into concrete, auditable, and continuously enforced technical implementations — not just documentation. • Build and maintain compliance automation tooling to continuously validate control adherence across the environment, reducing manual audit burden. • Develop and manage secure CI/CD pipelines with integrated security gates, secrets management, and deployment controls appropriate for FedRAMP environments. • Author and maintain System Security Plans (SSPs), control implementation statements, and audit evidence packages; work directly with auditors and 3PAOs through assessment cycles. • Perform threat modeling, risk assessments, and security architecture reviews across the platform. • Define and drive how FedRAMP controls are embedded across the engineering lifecycle, partnering with full-stack, data, and machine learning teams to ensure consistent, scalable adoption. • Serve as the internal subject matter expert on FedRAMP, NIST 800-53, and federal compliance — upleveling the broader team’s knowledge as the program matures.