As a DevSecOps Engineer, you'll be a hands-on contributor to the design, build, and operation of our internal platform. This is a delivery-focused role, working closely with SRE, Cloud, and Application Security teams to embed security controls, guardrails, and best practices directly into tooling, pipelines, and infrastructure.
You'll help define how security is applied at scale in a pragmatic, developer-friendly way, influencing engineering culture through code, automation, and clear technical standardsraising the baseline for security and operational excellence across the organisation.
The Tech Stack
You'll work with a modern, cloud-native platform, including:
* Cloud & Networking: AWS (multi-account, IAM, VPC, managed services), hybrid/on-prem connectivity
* Containers & Orchestration: Docker, Kubernetes (EKS, ECS)
* Infrastructure as Code: OpenTofu, Terragrunt, CloudFormation
* CI/CD: GitLab CI, reusable components, self-hosted runners
* Security & Identity: Microsoft Entra, AWS IAM, OIDC, secrets management, policy-as-code
* Observability: Centralised logging, metrics, tracing (e.g. Datadog, OpenTelemetry)
* Platform Automation: Declarative configuration and infrastructure management
* Internal Tooling: Developer-facing tools and services built with Python, Go, and modern frontend frameworks
* Version Control: Git, merge requests, and code review workflows
We value strong fundamentals over specific toolsif you understand the principles, you'll thrive here.
What You'll Do
* Design, build, and operate secure cloud and platform capabilities
* Embed security controls across the software delivery lifecycle by default
* Build and maintain fast, reliable, secure CI/CD pipelines and reusable components
* Automate security, compliance, and operational checks
* Partner with engineering teams to remove friction and improve workflows
* Contribute to platform architecture, standards, and technical direction
* Promote ownership, continuous improvement, and pragmatic DevSecOps practices
Key Requirement
* Hands-on experience as a DevSecOps Engineer, Platform Engineer, Cloud Security Engineer, or similar role
* Strong understanding of DevSecOps principles, including CI/CD, infrastructure as code, and security automation
* Solid experience working in AWS environments
* Practical knowledge of containerised workloads and Kubernetes
* Clear communication skills and the ability to work effectively across teams
* A focus on raising engineering standards through practical, scalable solutions
Why Holland & Barrett?
You will be joining at a point where the platform is still being actively shaped, with real scope to influence how security and delivery work across the organisation.
This role offers autonomy, technical ownership, and the opportunity to build foundational capabilities that directly impact hundreds of engineers. We offer a competitive salary, comprehensive benefits, and flexible working arrangements.
If you enjoy building secure platforms that developers actually love, we'd love to hear from you.
#LI-CF1
What we offer:
Wellbeing & Lifestyle Benefits
* Health Cash Plan
* Life Assurance
* Bonus Scheme - Based on company & personal performance
* Virtual GP
* Private Medical care
* FREE at-home blood test kit
* Holiday Purchase option
* Pension Contribution scheme
* Access to Wellhub' with gyms, studios and wellbeing apps
Discounts & Savings
* 25% Colleague Discount with FREE Standard Delivery
* Exclusive Discounts from a wide range of partners
* £/50 Annual Product Allowance to spend in store
Learning & Development
* Access to a variety of learning opportunities, including Level 2-5 Apprenticeships, Workshops and our Digital Learning Library
* AND MORE!
Holland and Barrett is an equal opportunity employer. We welcome diverse perspectives and are committed to creating an inclusive environment for all colleagues. We understand that when our colleagues are listened to, respected and valued for who they are, we build an organisation with belonging at its heart making health and wellness a way of life for everyone.
Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).