Job Description
DevSecOps Engineer | £40-50k DOE | 1 day onsite | Active or Eligible for SC/DV Clearance essential
We're working with a growing cyber security consultancy looking to hire a DevSecOps Engineer to play a key role in strengthening security across complex cloud and on-prem environments.
This is a hands-on, security-focused position centred around identifying, prioritising and remediating vulnerabilities at scale - working closely with engineering teams to ensure risks are not just found, but properly fixed.
You'll sit within a team focused on improving real-world security posture, using DevOps and Infrastructure as Code to deliver consistent, scalable remediation across environments.
If you're someone with a strong DevOps background who has moved into security - or a security engineer with solid automation and IaC experience - this role offers the chance to have genuine impact across multiple client environments.
Salary: £40-50k DOE
Package: Up to 31 days annual leave + expenses & overnight bonus
Working Structure: Remote for the first 6 months followed by 1 day onsite in Stevenage or Bristol
Security Clearance: Due to the nature of the work, candidates must undergo security clearance processes and therefore must hold only British citizenship.
Start date: ASAP
Key Responsibilities:
* Own the end-to-end vulnerability lifecycle - from identification and validation through to remediation, verification and closure
* Identify and remediate vulnerabilities across cloud (Azure/AWS) and on-prem environments
* Use security and posture management tooling (e.g. Defender for Cloud, Azure Advisor, AWS Inspector, Security Hub) to detect and prioritise risks
* Translate security findings into clear, actionable remediation plans
* Work closely with engineering teams to implement secure fixes, ensuring changes are properly tested and deployed safely
* Remediate vulnerabilities through patching, configuration hardening and application of security controls
* Validate remediation through re-scanning and verification processes
* Deploy and scale fixes using Infrastructure as Code (Terraform) and DevOps practices across multiple environments
* Produce clear documentation covering risk, root cause, remediation and residual risk
* Track and report on vulnerability trends, SLAs and security posture improvements
* Continuously improve vulnerability management processes, including triage, prioritisation and exception handling
* Support the implementation of secure configuration baselines and security best practices
Key Skills & Experience:
* Strong background in DevOps, Platform Engineering or DevSecOps
* Hands-on experience with Infrastructure as Code (Terraform)
* Experience working within cloud environments (Azure and/or AWS)
* Exposure to vulnerability management or security tooling (e.g. Defender for Cloud, Tenable, Nessus, AWS Inspector)
* Experience improving security posture across infrastructure, configurations or applications
* Understanding of security best practices, system hardening and secure configuration
* Comfortable working across both cloud and on-prem environments
If this sounds like you, apply now for immediate consideration.
Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy.
To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.