The Tesco Mobile Engineering team is a truly cross functional team responsible for both the functional software development as well as the running and operation of tailored and product / SaaS based IT solutions. You will be working within a very diverse team of highly motivated and dedicated individuals on business-critical infrastructure management. Our teams are motivated and challenged, working in sprints across a range of technologies which together provide huge benefit to the wider business. We are the Run and Operate Chapter which manages the platforms and infrastructure used by many of the business services needed in Tesco Mobile. This role is part of the DevSecOps squad and works with the Run and Operate Chapter Lead. The DevSecOps squad is responsible for the management of the infrastructure that powers all the Engineering systems and applications. The squad is also responsible for the software development tools and pipelines used across Tesco Mobile. The Squad consists of - DevSecOps Engineers - AWS DevSecOps Engineers - Azure Kubernetes Engineers Platform Automation Engineers Product Owner QA Automation Engineers As a DevSecOps Engineer you will be helping the team manage and deploy the environment in a secure and optimised manner. This will include managing the logging and SIEM aspects of the infrastructure and coordinating with application development teams to resolve issues. You will also work with the rest of the squad to incorporate more security checks into the CI/CD pipeline. The role will include validation of planned changes to ensure that they comply with best practice and will also involve working with the Tesco Mobile Cyber Security Team. Be a great teammate – live the Tesco Mobile values. Work with the Chapter Lead to agree improvements to the security of the infrastructure and applications. Define and refine infrastructure security standards. Act as the domain authority for infrastructure security. Work with the application development teams to refine logging to derive valid insights. Work as part of the team to solve complex cross-business technical problems. Creating business justifications for security improvements and present these to Product Owners and other stakeholders in an articulate manner for an audience that may not be technical. Share knowledge with other members of the squad. Significant commercial experience with security operations management. Significant experience with cloud providers (mainly Azure). Experience automating tasks using PowerShell or Azure CLI. Experience using Azure Security Hub and other tools to improve cloud security posture. Experience maintaining and updating infrastructure using Terraform. Willingness to learn new skills. Nice to have: Experience with AWS environments Source code systems and branching strategies; Github and Github Actions. Experience in a commercial setting using and managing Splunk including defining data streams, indices and ingests and dashboards. Experience of CI/CD pipelines and adding security tooling to these. Experience using SAST and other techniques to improve code security. Automation experience using a variety of tools and languages including AWS CLI, python, etc. Containerisation technologies; Docker and Kubernetes. Exposure to Continuous Integration and Continuous Deployment techniques, approaches and tools, including experience with the GitHub and GitHub Actions. LI-AF2 LI-Hybrid