DevSecOps Engineer
About Camlin
Camlin is a global technology leader that operates with the vision of bringing revolutionary products to life for a wide range of industries, including power and rail, and also has interests in a number of R&D projects in a variety of scientific sectors.
At Camlin we believe in high quality engineering and design, allowing us to develop market leading products and services. In short, we love creating value for our customers by solving difficult problems. As of now, Camlin operates in over 20 countries worldwide.🌐
We are looking for a DevSecOps Engineer (or a DevOps Engineer with a strong security mindset) to strengthen our Embedded Systems Unit.
In this role, you will collaborate closely with embedded development teams and our Information Security Management System (ISMS) team to ensure that our industrial and field‑deployed products meet cybersecurity requirements defined in CRA, RED, and IEC 62443.
You will not be responsible for creating governance processes; instead, you will execute and apply the workflows and policies defined by ISMS, ensuring they are consistently implemented across development, testing, manufacturing, and deployment environments.
You will support the full lifecycle of our embedded systems, toolchains, factory test infrastructure, and backend services.
Responsibilities
Secure Development & Compliance
- Execute secure development workflows defined by ISMS. Support developers in applying secure coding, secure update mechanisms, access‑control, and documentation practices aligned with CRA/RED/IEC 62443.
Vulnerability Scanning & Reporting
- Run SCA / SAST / DAST tools (e.g., SonarQube, JFrog XRay) within CI/CD pipelines.
- Prepare actionable vulnerability reports aligned with CRA and IEC 62443 vulnerability‑handling requirements.
Security Testing
- Perform or coordinate grey‑box or white‑box security tests on firmware and backend releases.
- Validate system behaviour against RED 3.3(d/e/f) cybersecurity safeguards and IEC 62443 component requirements.
Software License & SBOM Reporting
- Generate and maintain Software Bills of Materials (SBOMs).
- Produce OSS license compliance reports to support CRA transparency and supply‑chain documentation.
Security Tooling for Production & Field Devices
- Operate and maintain firmware signing pipelines.
- Handle certificate provisioning, key management tools, and secure device onboarding workflows defined by ISMS.
- Support secure manufacturing workflows such as device identity injection and protected configuration handling.
Factory Test Systems
- Own and improve factory self‑tests, diagnostics, and manufacturing server infrastructure.
- Add new dashboards, performance metrics, and manufacturing KPIs.
- Implement data visualization, alerting, and monitoring in tools such as Grafana.
Database & Backend Infrastructure
- Maintain and further develop the manufacturing database.
- Implement structured schema versioning.
- Develop APIs to replace direct SQL access and improve data integrity.
- Optimize database structure, queries, and overall performance.
CI/CD & Automated Deployment
- Maintain secure, reproducible CI/CD build and release pipelines for embedded firmware and backend services.
- Manage deployment workflows, including environment provisioning, artifact signing, and release traceability.
Required Skills & Qualifications
Technical Skills
- Familiarity with SCA/SAST/DAST tools such as SonarQube, JFrog XRay, or similar.
- Understanding of SBOM standards (CycloneDX, SPDX).
- Programming in Python, Node.js.
- Experience with SQL databases and API design.
- Practical knowledge of monitoring and observability tools (Grafana, Prometheus, Loki).
- Ability to maintain and troubleshoot factory automation systems and backend services.
- Experience with Embedded Linux and Yocto
Cybersecurity & Standards
- Understanding of cybersecurity principles relevant to embedded systems.
- Awareness of CRA, RED cybersecurity requirements, and IEC 62443 concepts (zones, conduits, secure development lifecycle).
- Willingness to execute ISMS‑defined processes (secure SDLC, vulnerability management, incident support).
- Familiarity with secure communication protocols (TLS, certificate pinning, encrypted transport layers).
Desired Qualifications (Nice‑to‑Have)
- Familiarity with CI/CD pipeline development in GitLab
- Understanding of database architecture
- Experience with Node.js
- Hands‑on with Grafana
Benefits:
- Employment contract with competitive salary
- Work in small, self-organized and autonomous development teams with the ability to choose technologies and best practices
- Hybrid work model (office in Kraków)
- Company Pension & Life Assurance Schemes
- On-site parking (car and bike)
- UoP with 80% author’s rights tax relief
- MyBenefit system with Multisport membership, private healthcare (Medicover)
- Wellness programmes
Our Values
- We work together
- We believe in people
- We won’t accept the ‘way it has always been done’
- We listen to learn
- We’re trying to do the right thing
Equal Employment Opportunity Statement
Individuals seeking employment at Camlin are considered without regard to race, colour, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, gender identity or sexual orientation.