DevSecOps Engineer (up to £84,000 per annum)
London, England, United Kingdom
Immediate is home to some of the biggest and most loved consumer brands in the UK, including Radio Times, Good Food and BBC Gardeners World magazine. Our trusted, quality content reaches millions of people a month across digital, print, video, podcasts, apps and live events. We are the destination for people looking to get more from the things they love – inspiring, fueling, encouraging and educating.
About The Role
We are seeking a DevSecOps Engineer to join our growing Platforms & Security team. This is a hands‑on role for someone passionate about automation, cloud operations, and security by design. You’ll be responsible for ensuring our platforms, products, and infrastructure are secure, resilient and scalable while working closely with developers, QA and product teams.
You’ll combine DevOps best practices with modern security engineering approaches to embed security throughout the software delivery lifecycle, strengthen our cloud infrastructure and proactively protect our customers’ data.
Responsibilities
* Design, build and maintain secure and scalable infrastructure in AWS using Terraform, Kubernetes and Docker.
* Embed security into the CI/CD pipeline (Jenkins, GitHub Actions, CodePipeline) including SAST/DAST and dependency scanning.
* Collaborate with developers and product teams to promote DevSecOps practices, threat modelling and secure coding standards.
* Conduct security assessments of applications, services and infrastructure, identifying vulnerabilities and recommending remediation.
* Operate, tune and extend monitoring, logging and alerting systems for both performance and security.
* Manage DNS, CDN, caching, firewalls, load balancers and WAFs to ensure secure and performant web delivery.
* Respond to and resolve security incidents and platform issues, driving continuous improvement and automation of responses.
* Keep documentation current, including runbooks, incident playbooks and security procedures.
* Stay ahead of industry trends, emerging threats and new DevSecOps tools.
Requirements
* Strong background in cloud infrastructure (AWS preferred: EC2, Lambda, RDS, Route53, ELBs, EKS).
* Proven experience with CI/CD automation and infrastructure‑as‑code (Terraform, Ansible, Jenkins, Git/GitHub).
* Proficiency in containerisation (Docker, Kubernetes) and managing production workloads.
* Solid understanding of security frameworks (CIS, OWASP) and common vulnerabilities (OWASP Top 10, misconfigurations, supply‑chain risks).
* Experience with application and infrastructure monitoring (e.g. Prometheus, Grafana, ELK, CloudWatch).
* Knowledge of Linux‑based systems (LAMP stack, Nginx, Varnish, MySQL/Postgres, Mongo) with performance tuning and hardening experience.
* Strong grasp of networking and security protocols (TCP/IP, SSL/TLS, DNS, NAT, firewalls, load balancers, WAFs).
* Familiarity with code security tools (SAST, DAST, dependency scanners) and integrating them into pipelines.
* Excellent problem‑solving, communication and cross‑team collaboration skills.
* Disaster recovery process and GDPR compliance experience.
Desired
* Knowledge on PCI DSS.
Benefits
* A relaxed working environment with regular socials including a summer festival.
* Supportive well‑being initiatives and benefits, talks & workshops, and Mental Health First Aiders & Champions.
* 25 days holiday plus a day for your birthday. Our offices will be closed between Christmas and New Years which are in addition to your annual entitlement.
* Tailored training and development through both our in-house learning platform and LinkedIn Learning.
* A progressive and transparent culture focused on your development.
* Flexible / hybrid working plus early finish Fridays.
* Cycle‑to‑work scheme.
* Enhanced Family Policies including paternity, adoption and surrogacy leave. We also provide a pregnancy loss, fertility and carers policy.
* Competitive pension plans and life assurance.
* A newly renovated modern office with lots of collaborative spaces.
People are at the heart of our business and creating a diverse and inclusive working environment is extremely important to us. Immediate is an equal opportunities employer. We never treat anyone less favourably because of their sex, gender reassignment, pregnancy and maternity, marital/civil partnerships, sexual orientation, race, nationality, ethnic origin, age, religion or belief or disability. We are also committed to supporting applications from those who are returning to work following a career break, maternity leave or caring responsibilities. Immediate is a place where you can grow, be supported and make a difference.
#J-18808-Ljbffr