Requirements: English
Company: Proximus Luxembourg
Region: Bertrange , Luxembourg
About Proximus NXT
Proximus NXT Luxembourg supports all organizations in their digital transformation, by providing holistic ICT & Telecommunication solutions, as well as tailored managed services. With our partners and customers, we co-create opportunities and enable growth in a secure and sustainable manner. As a result of our unique expertise in next-gen IT services, mobile and advanced connectivity, we help our customers achieve their ambitions and realize their vision.
Together with them and our partners we implement sovereign and trusted solutions that make people work smarter. www.proximusnxt.lu
Your mission :
Key Responsibilities:
- Architect, build, and manage end-to-end CI/CD pipelines (primarily using Azure DevOps), integrating automated security scans and compliance checks at every stage.
- Utilize containerization tools (Docker, Podman) to streamline build processes, all while enforcing best practices for container hardening and runtime security.
- Provision secure, scalable Azure environments with Terraform while optimizing CI/CD pipelines runtime with ContainerAppJobs and DevOps Managed Pools.
- Drive teams adoption of HashiCorp Vault by guiding its integration, sharing best practices, and ensuring a smooth onboarding.
- Integrate security testing tools (e.g., Fortify, SonarQube) within pipelines to enforce static application security testing (SAST) and software composition analysis (SCA).
- Scan for vulnerabilities and manage SBOM creation, signing, and upkeep. Establish a release process to ensure artifacts remain unchanged and auditable throughout deployment.
- Use security tools like WIZ and DefectDojo to identify vulnerabilities and help development teams integrate security measures into CI/CD pipelines to prevent future vulnerabilities.
- Utilize Ansible to automate deployment and configuration management tasks, ensuring consistent and efficient environments.
- Collaborate with cross-functional teams to ensure adherence to Agile and ITIL processes.
Your profile :
Qualifications:
- Solid experience building and implementing CI/CD pipelines using Azure DevOps.
- Hands-on experience with HashiCorp Vault secret management solutions.
- Experience in containerization technologies such as Docker and Podman.
- Adept at using security scanning tools such as Fortify and SonarQube to identify and address vulnerabilities
- Familiarity with WIZ as a Cloud-Native Application Protection Platforms (CNAPP).
- Knowledge of OWASP security guidelines and best practices.
- Good understanding of Agile and ITIL processes.
- Excellent problem-solving skills and attention to detail.
- Strong communication and collaboration skills.
- Ability to work independently and as part of a team.
Preferred Skills:
- Proactive and self-motivated with a passion for continuous learning and improvement.
- Expertise in Terraform and Ansible for automation and configuration management.
- Familiarity with regulatory compliance standards and practices to ensure adherence throughout the development lifecycle.
Our offer :
A professional and stimulating work environment in the IT & telecom sector. Multiple career opportunities within the Proximus Group at national and international level, cutting-edge training in new technologies, a wealth of recognized expertise. We also offer an attractive salary package and many other benefits.
Our company is an equal opportunity employer, valuing diversity in all its forms. We firmly believe that each individual brings a unique richness to our teams, and we are committed to creating an inclusive environment where every voice counts.
If at the end of the process your application is successful, you will be asked to provide an extract from your criminal record. Your personal information will be handled in compliance with applicable data protection laws.