Dev Ops Engineer - Security Analysis

You will be joining Rabobank as a DevSecOps Professional where you strengthen and embed security within the bank by integrating security deeply into development practices and engineering workflows. You will be part of a collaborative and forward-looking environment where we work together to build secure and stable tooling, enabling squads to adopt secure-by-design and secure-by-default practices across the software development lifecycle.

As part of Tech4Engineering, you will work closely with your peers within Security Services, and collaborate with Engineers, Tech Leads, Solution Architects, and the CISO organization. You will play a key role in ensuring that security becomes an integral and automated part of CI/CD pipelines, development practices, and platform engineering.

We are looking for a colleague who is collaborative, pragmatic, and impact-driven. If you enjoy working hands-on with development teams, improving security automation, and embedding security in modern engineering practices, this role offers a unique opportunity to make a meaningful impact.

Your contribution

As a DevSecOps Professional, you translate security and risk requirements into automated, scalable, and developer-friendly security solutions. You work closely with engineering teams to integrate security into CI/CD pipelines, development tooling, and application architectures.

Through your work, you will enable squads to proactively build secure software and improve the domain’s overall security maturity:

• Provide hands-on DevSecOps expertise and guidance on application security topics such as SCA, SAST, secret scanning, and secure coding practices
• Design, implement, and improve security controls within CI/CD pipelines and developer workflows
• Develop, customize, and maintain security tooling to fit the needs of engineering teams and enhance automation and developer experience
• Translate central security standards into automated controls, policies and developer-friendly guardrails
• Support squads in integrating security testing and validation into their development lifecycle
• Actively contribute to secure-by-design practices by advising teams during solution design and implementation
• Guide teams in remediating complex security vulnerabilities
• Advocate and implement best practices regarding security scanning for various programming languages
• Collaborate with platform teams to embed security capabilities into shared services and tooling
• Work closely with the CISO organization to align DevSecOps practices with central security policies
• Improve security visibility by implementing metrics, dashboards, and reporting within CI/CD ecosystems
• Support incident response and root-cause analysis from a security tooling and pipeline perspective
• Drive continuous improvement of DevSecOps practices through automation, knowledge sharing, and training
• Act as a mentor and point of contact for less experienced colleagues in DevSecOps and application security
• Contribute to improving the overall quality and maturity of DevSecOps capabilities within the domain
  

Facts & figures

• 36 hours per week
• Over 10 teams supported with platform solutions
• 9.5 million customers worldwide 

Your profile

• You are a hands-on DevSecOps professional who combines strong development experience with deep application security knowledge. You are comfortable working within engineering teams and understand how to balance security with developer experience and delivery speed.
• Proactive mindset – You identify opportunities to automate and improve security in development workflows
• Team player – You collaborate effectively with engineers, platform teams, and security stakeholders
• Analytical thinking – You understand complex systems and can identify security risks in code and pipelines
• Ownership – You take responsibility for driving security improvements within engineering practices
• Adaptability – You thrive in fast-paced, evolving technical environments
• Communicative – You can effectively engage with developers and translate security into practical actions

Knowledge and Education

• Bachelor’s degree in Computer Science, Cyber Security, Software Engineering, or related field
• Relevant DevSecOps or security certifications (e.g., CDP, CDE, CSSLP, or similar)
• Additional certifications in cybersecurity are considered a plus

Experience & Skills

• Minimum of 5–8 years of experience in software engineering, DevOps, or DevSecOps roles
• Strong programming skills and ability to read and write code in multiple languages (e.g., Python, Java, TypeScript/JavaScript)
• Experience with various package managers and ecosystems (e.g., Maven, Gradle, npm, pip)
• Strong expertise in CI/CD tooling and pipeline design (Azure DevOps, Gitlab, Github Actions)
• Hands-on experience with application security practices, including:
• Software Composition Analysis (SCA)
• Static Application Security Testing (SAST)
• Secret scanning and credential management
• Familiarity with secure SDLC practices and integrating security controls into development pipelines
• Experience with container security, cloud-native environments, and modern application architectures is a plus
• Ability to communicate effectively with developers and influence secure coding practices
• Experience in automating security processes and improving developer experience through tooling

Working together

You will be part of the Tech4Engineering community, working closely with domain squads, platform teams, various security teams and the CISO organization.

Our culture values collaboration, innovation, and continuous learning. By embedding security into development workflows, you will help strengthen Rabobank’s overall security maturity and engineering excellence.

Why You?

• You are a technically strong DevSecOps professional who enjoys working closely with developers and improving how security is implemented in practice. You make security practical, scalable, and developer-friendly.
• You take ownership, drive automation, and are motivated to improve security at scale. Your work will directly contribute to building secure software and fostering a DevSecOps culture within Rabobank

What We Offer

• The opportunity to shape and advance DevSecOps practices and tooling within Tech4Engineering
• A collaborative environment with engineers, platform teams, and security experts
• Opportunities for continuous learning and certification development
• A role with direct impact on the security and resilience of Rabobank’s digital services

Work on yourself and the world around you at the same time

For us, your development and that of society go hand in hand. That’s why we want to invest in you and work together for a better world. We summarise this in one sentence: ‘At Rabobank, you work on yourself and the world around you at the same time. You’ll see this reflected in your personal development budget, our hybrid working environment, and a healthy balance between work and home. You can work on banking services for our private and business customers, as well as societal issues such as food and energy transitions.

Why everyone is welcome at Rabobank

At Rabobank, we believe we become stronger through people who complement each other. By embracing our differences, we bring out the best in one another. We seek diversity in areas such as knowledge, skills, and experience, but also in gender, background, and culture. Across every department, we strive for variety and the freedom to be yourself – whoever you are. That’s what diversity and inclusion at Rabobank is all about

You & the application process

• Questions about working at Rabobank and the process? Ashley Lumbantobing, IT Recruiter via ashley.lumbantobing@rabobank.nl
• If you are invited for an interview, Bo, our virtual assistant, will contact you via SMS and email to schedule it.
• Answers to frequently asked questions can be found at Rabobank rabobank.jobs/en/faq
• A reliability check is part of the procedure.
• We respect your privacy.

To be considered for this position, you must be located in the Netherlands and have the legal right to work in the Netherlands. We are unable to consider candidates requiring relocation from another country.

#LI-AL2