Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact.
Role and responsibilities
In this role, you will work in one of IBM Consulting FutureNow Centers as a DevSecOps Engineer in the UK. You will uplift and standardise the security posture across a large-scale public-sector digital screening programme, spanning AWS and Azure with 20+ cloud‑based services.
You will work closely with product teams, infrastructure engineers, and delivery squads to embed security early (“shift‑left”), automate controls, and ensure consistent guardrails across the entire service portfolio.
Key Responsibilities
* Security Engineering & Automation
o Implement and embed security controls throughout CI/CD pipelines.
o Enhance and maintain IaC (Terraform / ARM / Bicep / CloudFormation).
o Integrate automated security scanning (SAST/DAST/SCA), secrets management, policy enforcement, base image hardening, and runtime protection.
* Cloud Security (AWS & Azure)
o Design, implement, and maintain security patterns consistently across the portfolio.
o Configure cloud‑native security tooling and enforce standards.
o Collaborate on reusable libraries and toolsets.
* CI/CD & Platform Engineering
o Deliver security improvements via CI/CD and IaC repositories.
o Build and refine pipelines with automated testing, deployment, and governance.
o Enable continuous monitoring, detection, and remediation of vulnerabilities.
* Disaster Recovery & Operational Readiness
o Contribute to DR strategy uplift and runbook definition.
o Define automated processes and wargaming tools for resilience.
o Ensure clear, repeatable operational documentation.
Collaboration & Delivery
* Work hand‑in‑glove with product teams, architects, and infrastructure engineers.
* Prioritise work based on existing cybersecurity risk assessment.
* Support knowledge sharing, coaching, and embedding of security best practices.
Eligibility
MUST BE ELIGIBLE FOR SC CLEARANCE
Why this role matters
Your work will directly strengthen the security posture of a major national digital screening platform, ensuring consistency, resilience, and trustworthiness across dozens of critical public‑facing services.
Required education
None
Required technical and professional expertise
* Strong background in DevSecOps principles including shift‑left security, automated testing, secure SDLC, and cloud‑native security engineering.
* Hands‑on experience with AWS and Azure cloud environments.
* Experience designing secure and scalable architectures, CI/CD pipelines, and infrastructure automation.
* Proficiency with IaC tools such as Terraform, ARM, Bicep, CloudFormation.
* Experience integrating security tools into CI/CD (SAST, DAST, dependency scanning, secrets scanning, container scanning).
* Familiarity with container orchestration and security (Kubernetes/AKS/EKS).
* Strong understanding of identity, access, network, and policy enforcement across cloud platforms.
* Ability to document runbooks, DR processes, and operational guidance.
* Excellent stakeholder engagement skills across engineering, operations, and delivery teams.
Preferred technical and professional experience
* Experience contributing to or maintaining shared libraries or open‑source tooling.
* Knowledge of audit, compliance, and security frameworks.
* Experience in large public‑sector or regulated environments.
Equal‑Opportunity Employer
IBM is proud to be an equal‑opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
#J-18808-Ljbffr