Hybrid- 1-2 days perm month on site (offices located in the Southeast, Northwest and Scotland)
6 month initial contract
Senior DevSecOps Engineer required to work for a leading financial services company. We require a hands-on technical specialist responsible for building, securing, and automating cloud-native platforms and software delivery pipelines. The role plays a critical part in embedding security controls into engineering workflows.
Responsibilities
* Design, build, and secure AWS cloud environments aligned to best practices
* Develop and maintain Infrastructure as Code (Terraform), including reusable secure modules
* Secure Kubernetes platforms (cluster hardening, network policies, secrets management)
* Embed security controls into CI/CD pipelines (SAST, DAST, SCA, secret scanning)
* Automate security processes and remediation to improve efficiency and consistency
* Collaborate with engineering teams to identify and resolve vulnerabilities
* Operate and enhance cloud security tooling (e.g. Wiz)
* Support containerised workloads across production and non-production environments
Experience Required
* Strong hands-on experience in DevSecOps, cloud security, or platform engineering gained in financial services/highly regulated environment
* Deep expertise in:
* AWS (IAM, networking, monitoring, security services)
* Terraform (modules, state management, secure patterns)
* Kubernetes security and workload protection
* CI/CD security tooling and automation
* Experience with Wiz or similar cloud security platforms
* Strong understanding of secure SDLC and DevOps practices
* Exposure to at least one programming/ infrastructure as code language e.g. Python and Terraform
* Solid understanding of cloud networking
* A pragmatic, delivery-focused approach to security
* Experience with Cloudflare or edge security services
* Exposure to AI-driven security solutions (e.g. security agents, MCP integrations)
* Involvement in AI security proof-of-concepts or production use cases
#J-18808-Ljbffr