Senior DevOps Engineer

This is us

At Avenga, we believe that human creativity empowers technology that matters. Operating globally, our 6000+ specialists provide a full spectrum of services, including business and tech advisory, enterprise solutions, CX, UX and Ul design, managed services, product development, and software development.

This is the job

In Bulgaria within the TMT industry, we are actively seeking a professional to strengthen our team.

This is you

• Secure coding across multiple languages and frameworks (C#, ASP.NET, MVC, jQuery, TypeScript, Angular, Bootstrap)
• Threat modeling and vulnerability analysis (SQL Injection, XSS, Session Management)
• Tooling and automation using GitHub, GitHub Advanced Security, Fortify On-Demand, Web Inspect, Qualys, Application Insights, and Azure DevOps
• Manual and automated code review across Microservices, MVC, and SOA+SPA architectures
• Collaboration with developers and architects to enhance secure design and coding practices

This is your role

This role involves acting as a subject matter expert in secure coding, providing guidance, mentorship, and hands-on expertise across multiple technologies.

• Secure coding enablement (25%): Act as a subject matter expert in secure coding across multiple languages and frameworks (e.g., C#, ASP.NET, MVC, jQuery, TypeScript, Angular, Bootstrap). Provide guidance and mentorship to developers and code champions. Continuously learn and share knowledge to elevate team capabilities and ensure consistent quality of analysis.
• Threat modeling and vulnerability analysis (25%): Apply deep knowledge of security principles, threat modeling, and common vulnerabilities (e.g., SQL Injection, XSS, Session Management) to help teams proactively secure applications and systems. Collaborate with developers to interpret scan results and recommend remediation strategies.
• Tooling and automation for security processes (25%): Design, implement, and maintain automated scanning solutions using tools such as GitHub, GitHub Advanced Security, Fortify On-Demand, Web Inspect, Qualys, and Application Insights. Integrate these tools into CI/CD pipelines (e.g., Azure DevOps) to support Agile and DevOps workflows. Monitor tool usage and compliance across teams.
• Conducting manual and automated Code reviews with architectural guidance (25%): Perform manual and automated code reviews across diverse architectures (Microservices, MVC, SOA+SPA). Identify security gaps and provide actionable recommendations. Collaborate with architects and developers to improve design patterns and reduce risk.The engineer will work closely with development teams to ensure application security and compliance through proactive identification and remediation of vulnerabilities.

What awaits you at Avenga?

Through our values, Better Minds, Bolder Ideas, and Bigger Hearts, we strive to provide you with the tools, autonomy, trust, and assistance you need to excel. Enjoy benefits like private health insurance, well-being programs, flexible and hybrid work models, laptops and gear, training, language classes, social events, great offices, and more.

We take pride in the diverse skills and character of our teams, welcoming everyone to apply and contribute to our collective strength.