Overview

We are looking for a Security Engineer to lead MCP-driven security automation with a primary focus on software supply chain security.

You will design and operate an MCP-based orchestration layer that connects security tooling, policy controls, and engineering workflows to prevent, detect, and respond to supply chain risks across multiple repositories and build pipelines. GHAS remains part of the ecosystem, but the core mission is to standardize, automate, and govern supply chain security end-to-end.

Responsibilities

  • Build and own MCP-based orchestration: develop MCP servers/tools to automate security checks, enrichment, triage, and reporting across repos and CI/CD
  • Implement guardrails and governance for MCP flows: least privilege, allowlists, input validation, secure secrets handling, audit logs, and monitoring
  • Drive supply chain security program execution: dependency risk management, SBOM generation/verification, provenance and integrity controls, and policy enforcement in pipelines
  • Integrate and tune security tooling (GHAS/CodeQL where relevant) to improve coverage and reduce noise across multi-repo environments
  • Enable engineering teams: remediation playbooks, automation-first workflows, and measurable adoption

Requirements

  • Solid experience in security engineering with a focus on automation and secure software development practices
  • Hands-on expertise with CI/CD systems and integrating security controls into automated pipelines
  • Proficiency in using GitHub for code management, workflow automation, and security tool integration
  • Practical knowledge of Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) methodologies and tools
  • Familiarity with Large Language Models (LLMs) and their application in security or automation contexts
  • Understanding of Model Context Protocol (MCP) concepts or similar orchestration frameworks for connecting security tools and engineering workflows
  • Strong grasp of secure coding principles, policy enforcement, and risk management in the software supply chain
  • English proficiency at B2 level or higher

Nice to have

  • Experience developing with Go or Python for building automation tools or security solutions
  • Exposure to cloud platforms, especially Google Cloud Platform (GCP), for deploying and managing security services
  • Working knowledge of Kubernetes for orchestrating containerized applications and integrating security controls
  • Familiarity with Infrastructure as Code (IaC) tools such as Terraform for automating infrastructure and security configurations

Czech Republic

  • Opportunity to work in a fast-paced, agile, software engineering culture
  • Comfortable modern office in Prague 7, with support of hybrid or fully remote mode
  • Benefit program (5 weeks of vacation, paid sick days, paid days off for special occasions, meal vouchers, flexi pass, Prague city public transport annual coupon, multisport cards, optional contribution to pension fund, health insurance for family member)
  • EPAM Employee Stock Purchase Plan (ESPP) (subject to certain eligibility requirements)
  • English language courses
  • Czech language courses upon request
  • Referral bonuses for recommended candidates
  • Mobile Phone Tariff program for managerial-level candidates
  • Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more

Slovakia

  • Opportunity to work in a fast-paced, agile, software engineering culture
  • Benefit program (5 weeks of vacation, 5 paid sick days, meal vouchers, cafeteria and recreation bonuses, reimbursement of glasses, contribution to pension fund)
  • Referral bonuses for recommended candidates
  • English language courses
  • Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more

Czech Republic (Remote)

The remote work option is available to candidates residing and working within the Czech Republic.

Czech Republic (Benefits Eligibility)

Certain benefits and perks may be subject to eligibility requirements and may be available only after you have passed your probationary period.

Slovakia (Benefits Eligibility)

Certain benefits and perks may be subject to eligibility requirements and may be available only after you have passed your probationary period.