Devsecops Engineer

Asis Elektronik is a fast-growing organization and market leader in smart technology solutions with over 450 employees. Our solutions help transport authorities to provide effective transit systems via easing passenger movement and improving operations management. Besides Turkey, our portfolio covers countries in Europe, the Middle East, Africa, and South Asia with on-ground operations. As an R&D and innovation-focused company, we are developing next-generation technology for smart transportation and smart cities. In addition, we are developing applications for automotive, defense, and financial technologies. As Asis Elektronik, we are among the companies that shape the IT sector with our value-adding solutions. With our successful performance in different categories, we took our place in the 22nd “Top 500 IT Companies Survey” conducted by BT News. We are looking for a ''DevSecOps Engineer’’creative, game changer, innovative thinker, who takes initiative and is driven to help improve systems and embraces a culture of teamwork.
 

Qualifications & Requirements

• Bachelor’s degree in Computer Engineering, Software Engineering, Information Security, or a related field
• 4–5 years of experience in Application Security or DevSecOps roles
• Hands-on experience with Burp Suite Pro, SonarQube, and CI/CD platforms
• Ability to understand and review application code (Java, .NET, or similar technologies)
• Strong knowledge of OWASP Top 10 and Mobile Security Standards (OWASP MASVS)
• Experience in automation scripting
• Solid knowledge of Linux & Windows systems administration
• Strong understanding of network and application security fundamentals
• Analytical thinking, problem-solving mindset, and teamwork orientation
• Good command of English (written & verbal)
• We are looking for a hands-on Security Engineer to secure our entire SDLC. You will act as the bridge between security and engineering, performing deep-dive Web & Mobile penetration tests while architecting automated security gates within ourCI/CD pipelines.

Responsibilities

• Conduct Gray-box/Black-box testing on Web Apps and APIs, focusing on complex business logic vulnerabilities.
• Perform dynamic analysis and reverse engineering on Mobile Apps (iOS/Android) using tools like Frida and Objection.
• Embed SAST, DAST, and SCA tools into CI/CD pipelines (Jenkins, GitLab, etc.) to automate vulnerability detection.
• Write custom scripts (Python/Bash/Go) to orchestrate security scans and enforce quality gates.
• Perform Secure Code Reviews and guide developers on remediation strategies.
• Manage and tune WAF policies to block attacks while maintaining application availability.
• Contribute to secure architecture design and DevSecOps practices

What’s in it for you

• Opportunity to work on smart city, transportation, and fintech technologies
• Experience in an Agile and innovation-driven environment
• Collaboration with a dynamic and highly skilled engineering team
• Hybrid working model
• Continuous learning and professional development opportunities

Next Step

• If you are excited about building secure systems and want to work on meaningful technologies shaping the future of smart cities, we would love to hear from you.

**Your personal data gathered in your application to this job advertisement will be processed in automated systems to manage job application procedures by Asis Elektronik ve Bilişim Sistemleri A.Ş. according to the Law No. 6698 on the Protection of Personal Data (“KVKK”) and related regulations.