Dev SecOps Engineer
- Posted May 29, 2024
- £60000 - £65000 per annum + benefits
- Fully Remote with visits to site once per month
- Permanent
Bath – Fully Remote
£60,000 – £65,000 + benefits
Fantastic new permanent opportunity for an experienced Dev SecOps Engineer with a fast-growing specialist Fintech business. This is a great opportunity to join a new security-focussed squad within their forward-thinking engineering team, where you will have a unique opportunity to shape what security means to the business. As a passionate security advocate, you will navigate complex challenges and approach platform design pragmatically. You will leverage modern tools, languages, and platforms to contribute to efficient, secure, and scalable delivery of high-performance products.
Main responsibilities:
- Work within a newly formed Security squad to continuously improve security posture within their cloud estate.
- Consult, advocate, and teach security best practice across engineering.
- Utilise modern tooling to shift security left, collaborating closely with development teams to ensure security is addressed early in the development lifecycle.
- Review security best practice, remediating and implementing controls to ensure compliance.
- Implement security gates within the CI/CD workflows to ensure secure deployments.
- Write Infrastructure-as-code to build secure infrastructure repeatedly.
- Proactively patch infrastructure and code.
- Engage in debates around processes and methodologies, actively contributing fresh ideas and challenging the status quo. You’ll embrace a culture of psychological safety, confidently voicing opinions to achieve quality standards.
- Leverage managed services (where appropriate) to enable the team to focus on delivering core business value.
Skills Required:
- Proven previous experience gained working within a similar Dev SecOps engineering position.
- Strong experience securing cloud platforms, primarily AWS and Mongo Atlas.
- Exposure to Audits/Compliance/Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM).
- Knowledge of embedded security (IDE plugins, SAST, DAST, SCA).
- Experience performing vulnerability scanning/penetration testing.
- Threat detection and prevention (IDS, IPS, SOC, Threat list blocking, WAF/SIEM).
- Cloud account management (e.g. AWS Control Tower/GuardDuty/Config/Security Hub/CloudTrail).
- Identity management (e.g. SAML/OAuth/OIDC/AWS IAM).
- Secret management (e.g. AWS Secrets Manager, Parameter Store).
- Patch management (Security updates/AWS SSM/Dependabot).
For any further queries regarding the role, please contact Danny Palmer at danny.palmer@sandersonplc.com