Role Particulars
Role Title : DevSecOps Engineer
Team : Global
Reports to : Head of DevSecOps
Location : Remote / UK - once a quarter in office
Job Description
We are seeking a skilled DevSecOps Engineer to join our dynamic team. This role will focus on integrating security practices within the DevOps process, ensuring that security is a fundamental aspect of our software development lifecycle. The ideal candidate will collaborate closely with the DevOps Tooling & Policy Lead to implement CI / CD practices, automate processes, and enhance the overall security posture of our applications.
Key responsibilities
CI / CD pipelines and automation
* Collaborate with the DevOps Tooling & Policy Lead to design, implement, and maintain robust CI / CD pipelines to automate the software delivery process.
* Integrate testing, security, and deployment processes to ensure high-quality releases.
* Establish and document repeatable patterns for deployment, configuration, and monitoring to enhance efficiency.
* Identify opportunities for automation in security testing and compliance checks.
* Develop solutions to enhance the DevSecOps process, integrating tooling to drive value and enhance developer experience.
Collaboration with development teams
* Partner with development teams to identify bottlenecks in the SDLC and implement solutions to streamline workflows.
* Provide guidance on best practices for version control, secure coding, and branching strategies.
* Assist development teams onboard to standardised DevOps patterns and processes.
Tooling and technology evaluation
* Evaluate and recommend tools and technologies that can enhance the CI / CD process and overall developer experience.
* Stay up to date with industry trends and emerging technologies to continuously improve practices.
Documentation and knowledge sharing
* Develop comprehensive documentation on security and DevOps practices, making it easily accessible to development teams.
* Contribute to workshops and knowledge-sharing sessions to educate developers on secure coding practices and the importance of security in development.
* Assist with the onboarding of projects and teams to the centralised DevSecOps tooling and CI / CD templates.
Experience and skills
Qualifications
* Proven experience of DevSecOps and Agile software delivery.
* Strong understanding of the SDLC, Agile, DevOps, and DevSecOps principles.
* Familiarity with modern security practices, tools, and standards (e.g., OWASP, NIST).
* Technical knowledge of cloud environments (AWS, Azure, GCP), containerisation (Docker, Kubernetes), and CI / CD pipelines.
* Excellent communication skills, with the ability to articulate DevSecOps concepts to technical and non-technical stakeholders.
Preferred skills
* Certifications in cloud technologies (AWS Certified, Azure Security Engineer).
* Experience in leveraging tools for security monitoring and threat detection.
* Experience implementing re-usable pipelines using CI / CD tooling (Gitlab CI / Github Actions / Argo CD / Concourse).
* Familiarity with secure coding principles, application and infrastructure security best practices.
#J-18808-Ljbffr