We are Distributed: we help businesses deliver technical projects better than ever before through our on-demand Elastic Teams.
Last year alone Distributed won 5 awards including 2 awards for growth, most disruptive startup in Startups 100, Winner in the Deloitte Fast 50 UK, a winner in the Red Herring Europe Top 100, and winner of a global award for Outstanding Reward & Recognition for remote working from The Omnis.
This year BT Digital signed a £30m deal with Distributed to accelerate its digital transformation and innovation agenda by rapidly bringing together multi-skilled digital teams.
We do things differently, we move fast, we are recognised as leaders in our sector, and we look after our people. We are a people company that uses technology to deliver beyond client expectations.
Join us if you want to be part of our Elastic Team community that’s shaping the future of freelance working..
DevSecOps Engineer – Industrial AI Platform Role Summary
You'll own security implementation across our AI deployment pipelines - from AWS EC2 development environments to air-gapped industrial sites. This hands-on role combines security engineering, infrastructure automation, and operational reliability for a platform deploying mission-critical ML models at the edge.
Key Responsibilities
Infrastructure Security Automation
* Develop and maintain OpenTofu modules for consistent VM provisioning across environments
* Harden EC2 and on-prem VM templates with Ansible security playbooks
* Implement least-privilege IAM policies and secure network configurations
* Design secure bootstrapping processes for production environments
Kubernetes Deployment Security
* Secure our K3s clusters with proper pod security policies and network isolation
* Implement robust RBAC models with granular permissions
* Design secure inter-service communication patterns
* Build security monitoring for cluster components and workloads
CI/CD Pipeline Hardening
* Integrate automated security scanning into build pipelines (container scanning, SCA, SAST)
* Implement secure artifact management with signing and verification
* Build proper secrets management for deployment pipelines
* Establish secure container base images and build processes
Operational Security & Reliability
* Design secure update mechanisms for air-gapped environments
* Implement monitoring, alerting and incident response automation
* Build comprehensive logging and audit trails across environments
* Develop metrics for tracking security and reliability KPIs
Security Reporting & Governance
* Create security dashboards for visibility into system security posture
* Build automated compliance validation for industrial requirements
* Develop practical security documentation and runbooks
* Run internal security reviews and share findings with engineering teams
Tech Stack
* Kubernetes (K3s for edge deployment, Kind for local dev, EKS for cloud)
* OpenTofu (planned) and Ansible for infrastructure automation
* AWS EC2 for development/test environments, on-prem for production
* GitHub Actions for CI/CD pipelines
* Docker for containerisation
* Python and Bash for security tooling and automation
* SvelteKit for frontend
Requirements
Essential Skills & Experience:
* Strong experience with infrastructure-as-code security (Terraform/OpenTofu, Ansible)
* Hands-on Kubernetes security implementation (networking, RBAC, policies)
* Experience securing containerised workloads and build pipelines
* Practical security monitoring and alerting implementation
* Experience with Linux security controls including AppArmor profile development and enforcement
* Comfort working with Python, shell scripts, and CLI tooling
* Ability to balance security requirements with practical engineering trade-offs
* Experience with log aggregation and operational monitoring
Desirable Skills:
* Experience with industrial or air-gapped deployments
* Knowledge of ML/AI deployment security considerations
* Familiarity with regulated environments (finance, healthcare, industrial)
* Experience with zero-trust networking concepts
* Experience with Linux hardening for edge deployments
About You
* You're hands-on - you code solutions rather than just pointing out problems
* You find pragmatic security solutions that work in the real world
* You can explain complex security concepts to people who don't live in that world
* You balance "secure by default" with "needs to actually work"
* You're comfortable diving into unfamiliar codebases to find and fix issues