Take ownership of complex technological problems.

We are monday.com, a global software company transforming how businesses run. Our product suite can adapt to the needs of diverse industries and use cases within one powerful platform, empowering ~250,000 customers worldwide to reimagine how work gets done, drive greater efficiency, and scale like never before.

With over 3,000 employees across the globe, we grow by prioritizing transparency and knowledge sharing. We care about the impact you make, not the hours you clock, so we encourage initiative, ownership, and fresh thinking. We back our people with flexible work, wellness and mental health support, and a work environment built on collaboration.

We’re looking for a Senior DevSecOps to join our team, where you’ll have the chance to grow your career while solving impactful, high-scale problems. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls, and managing our Cloud Security Posture. A person in this role will be a part of the team serving a key entity in communication and synchronization between the several groups of stakeholders (Infrastructure, Development, Security), fostering a culture of security awareness and collaboration across all the teams.

We fully embrace the AI revolution and we equip you with AI-powered IDEs, customizable agent rules, prompt engineering tools to streamline your workflow and AI-infused CI/CD pipelines designed to boost speed and reliability. You'll also tap into AI-driven insights, helping you make smarter decisions, faster.

The role is based in our Warsaw office - established in 2022, it is a growing hub for engineers who love solving impactful problems. Teams here work on a broad range of challenges that push the boundaries of our products and infrastructure. Dive into these blog posts to discover the kind of work that could be waiting for you:

• Detecting traffic anomalies at scale
• Managing Trace Volume at monday.com
• How we mastered Content Security Policy
• Guarding the herd – managing database servers at scale

About The Role

Securing CI/CD Pipelines:

• Implement and manage security controls for CI/CD pipelines.
• Automate security testing and vulnerability management within the CI/CD process using tools like Terraform.
• Collaborate with development teams to integrate security best practices and policies.

Working with WAFs:

• Configure and manage Web Application Firewalls (WAFs) such as Cloudflare to protect web applications from security threats.
• Monitor and update WAF rules to respond to new vulnerabilities and attack vectors.
• Conduct regular security assessments and audits of WAF configurations.

Cloud Security Posture Management:

• Develop and implement cloud security best practices and policies.
• Continuously monitor cloud environments using tools like AWS Guard Duty, Wiz, Orca, DataDog and similar to ensure compliance with security standards.
• Collaborate with cloud operations teams to identify and remediate security risks.
• Managing security cloud configuration with tools like Terraform and CDK.

Implementing Security Self Service approach:

• Development security tools in the organization IDP
• Testing/performing PoC of new security tools to increase efficiency development practices in the security context and foster Secure by Design principle.

Requirements

• 3+ years of experience in DevOps/DevSecOps or related roles.
• Passion for keeping systems secure.
• Proficiency in any of languages Python/Go/Typescript.
• Experience with Kubernetes.
• Strong understanding of operating systems and networking.
• Expertise implementing Shift Left/Secure by Design inside CI/CD pipelines using SAST/DAST tools such SonarQube, Dependabot alert, Wiz and others.
• Experience with configuring and managing Web Application Firewalls (WAFs) such as AWS WAF, Cloudflare, or similar.
• Excellent problem-solving and communication skills.

Salary & Compensation

At monday.com, our total compensation package includes:

• Base salary
• Bonus target
• Restricted Stock Units (RSUs)

The total target monthly compensation for this role ranges from 49,000 PLN to 59,000 PLN.

The total compensation package shown here reflects the current monday.com stock price and may change over time as the stock price varies. The target bonus and RSU grant are discretionary, depend on individual and company performance, and are subject to Board approval and the company’s equity plan, in line with monday.com’s bonus policy as updated from time to time. The benefits listed reflect programs currently offered in Poland; availability and terms may vary depending on the role, contract type, and company policy. These details do not constitute an employment offer or guarantee and may be modified at the company’s discretion, in accordance with applicable law.

Social Title

DevSecOps Engineer

Social Description

monday.com is seeking a skilled DevSecOps Engineer to join our growing team. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls (WAFs), and managing our Cloud Security Posture.

If you are passionate about security and have the skills and experience to make an impact, we encourage you to apply!

Our Team

Position Type