DevSecOps Engineer

Posted 14 July 2023
Salary £90000 - £150000 per annum
LocationManchester
Job type Permanent
Discipline DevelopmentInfrastructure ​
ReferenceZJ-32-17
Contact NameZak Jones

Job description

Job Title: DevSecOps Engineer
Location: Manchester, United Kingdom (on-site)
Salary: up to £150,000 per annum

Job Description:
As a DevSecOps Engineer, you will play a crucial role in ensuring the security and reliability of software systems. You will collaborate closely with cross-functional teams to integrate security practices into our development, deployment, and operations processes. Your primary responsibility will be to design, implement, and maintain robust security controls and processes across our entire technology stack.

Responsibilities:
  • Develop and implement DevSecOps strategies and best practices to ensure secure software development and deployment processes.
  • Collaborate with development, operations, and security teams to integrate security controls and practices throughout the software development lifecycle.
  • Conduct regular security assessments, vulnerability testing, and code reviews to identify and address potential weaknesses and risks.
  • Design and implement security monitoring, logging, and incident response systems.
  • Stay up to date with the latest security threats, vulnerabilities, and industry best practices.
  • Automate security processes to enhance efficiency and reduce manual effort.
  • Provide guidance and training to development teams on secure coding practices and security-related tools.

Experience/Qualifications:
  • Bachelor's degree in Computer Science, Engineering, or a related field (or equivalent experience).
  • Extensive experience in a DevSecOps or similar role, with a focus on security practices within an agile development environment.
  • Strong knowledge of cloud platforms (AWS) and experience in securing cloud-based applications and infrastructure.
  • Solid understanding of containerization technologies (Docker, Kubernetes) and container security practices.
  • Proficiency in scripting and automation using languages like Python, PowerShell, or similar.
  • Experience with security tools and technologies, including vulnerability scanners, code analysis tools, and intrusion detection systems.
  • Familiarity with industry security frameworks and standards (e.g., OWASP, NIST, ISO 27001).
  • Excellent problem-solving and analytical skills, with the ability to identify and address security vulnerabilities and risks.
  • Strong communication skills and the ability to collaborate effectively with cross-functional teams.