DevSecOps Trainee (Open-Source Mentorship)

DevSecOps Trainee (Remote Open-Source Mentorship, Non-Paid)

Ranas Security is a boutique DevSecOps consultancy specializing in building Zero-Trust Infrastructure for high-growth FinTech and SaaS companies. The company uses its own Ranas Security Stack with a focus on Immutable Infrastructure, GitOps, and Invisible Perimeters to re-architect systems for enhanced security.

Ranas Security is strongly committed to open-source. We develop and maintain tools such as Cloud-IAM-Optimizer, Kube-Simple-Audit, and Secure-K3s-GitOps, and use them as part of real-world infrastructure security audits, turnkey DevSecOps implementations, and compliance readiness projects. Our priorities are automation, observability, and root-cause resolution so that security becomes a true enabler for our clients.

This is a remote, part-time educational mentorship program, not a formal employment position.

The DevSecOps Trainee (Open-Source Mentorship) will learn how modern cloud and container infrastructures are built and secured by contributing to open-source projects and shadowing real DevSecOps work.

• Location: program is run from Kazan, Russia, but participation is fully remote
• Time commitment: approx. 15–20 hours per week, with a flexible schedule
• Duration: 3–6 months (can be adjusted by mutual agreement)

During the mentorship you will:

• Learn and apply Zero-Trust principles in practice (network segmentation, identity-centric access, least privilege, etc.)
• Contribute to open-source repositories such as Cloud-IAM-Optimizer, Kube-Simple-Audit, Secure-K3s-GitOps and related tooling
• Help implement and automate Infrastructure as Code (Terraform, Ansible, GitOps pipelines)
• Assist in basic security reviews, misconfiguration checks, and vulnerability detection under supervision
• Work with logging, metrics, and tracing to understand observability and incident analysis
• Participate in regular mentorship sessions (code reviews, architecture discussions, 1:1 feedback)
• Build a public GitHub portfolio that can be referenced as practical experience

This mentorship is designed to be education-first: you will work on open-source code and training environments, not on production systems that require commercial SLAs.

• Foundational understanding of DevOps concepts (CI/CD, basic Git workflows)
• Basic knowledge of containers (e.g., Docker) and ideally Kubernetes (minikube, k3s, or managed K8s)
• Familiarity with at least one of: Python, Go, Bash
• Familiarity with configuration management / IaC tools is a plus (Ansible, Terraform)
• Interest in:
• Zero Trust models
• Observability (logs, metrics, traces)
• Vulnerability scanning and secure configuration
• Identity and Access Management (IAM) in clouds
• Willingness to learn and contribute to open-source projects and communities
• Ability to communicate clearly in writing and collaborate in a remote team
• Experience with cloud platforms (AWS, GCP, or similar) is a plus, but not required
• Bachelor’s degree in Computer Science, Information Technology, or related field is welcome, but equivalent self-taught experience is also acceptable

To keep expectations clear for both sides:

• This is a non-paid educational mentorship focused on skills growth and open-source contributions.
• Participation in the program does not create an employment relationship and does not include salary, social benefits, or guarantees of future employment.
• Any potential hiring in the future (if both sides are interested) will be based on a separate written employment agreement with clearly defined conditions (role, salary, working hours, benefits, etc.).
• You are free to mention your participation in this mentorship and your contributions to Ranas Security open-source projects as work experience / internship on your CV and LinkedIn. On our side, we can confirm the facts of your participation and contributions.
• You can leave the program at any time, and Ranas Security can end the mentorship at any time, for example if activity stops or expectations are not met.
• If you want to grow into a real DevSecOps engineer through hands-on open-source work and direct mentorship, while building a portfolio that hiring managers can verify, this program is for you.