DevSecOps Engineer

DevSecOps Engineer (Contract)

Hybrid

Contract Type: Day Rate Contract

Overview

We are seeking an experienced DevSecOps Engineer to support the secure adoption of AI-assisted software development using Claude Code. This role will focus on embedding security controls into developer workflows, securing AI-generated code throughout the software development life cycle, and ensuring robust security practices are integrated into CI/CD pipelines.

Working closely with engineering, platform, and security teams, you will help define and implement security controls that enable developers to leverage AI coding tools safely while maintaining compliance with organisational security standards.

Key Responsibilities

• Embed security controls into developer workflows that utilise Claude Code and other AI-assisted development tools.
• Integrate Static Application Security Testing (SAST) tools such as SonarQube, Semgrep, and Checkmarx into CI/CD pipelines to scan AI-generated code.
• Deploy, configure, and maintain secrets scanning solutions, including TruffleHog and GitGuardian, across repositories and Claude Code outputs.
• Design and implement secure CI/CD pipelines that support secure software delivery practices.
• Define and enforce secure code review gates and approval processes for AI-assisted development.
• Collaborate with engineering teams to establish and promote secure coding practices.
• Provide developer-facing security guidance and act as a trusted advisor on application security matters.
• Support the development of security champions within engineering teams.
• Instrument Claude Code usage and security telemetry, integrating relevant data into SIEM platforms for monitoring and detection.
• Investigate and support incident response activities relating to code security, vulnerabilities, and software supply chain risks.
• Contribute to the continuous improvement of application security controls, tooling, and processes.

Key Skills & Experience

• 5+ years of experience in DevSecOps, Application Security, or Secure Software Engineering roles.
• Strong hands-on experience with CI/CD platforms, including GitHub Actions, GitLab CI, and Jenkins.
• Proven experience implementing and managing SAST, DAST, and secrets scanning solutions.
• Experience integrating security tooling into modern software development pipelines.
• Strong understanding of application security principles, including OWASP Top 10 and secure coding best practices.
• Experience securing cloud-native and DevOps environments.
• Proficiency in Scripting and automation using Python, Bash, or similar languages.
• Experience working closely with software engineering teams in Agile delivery environments.
• Strong understanding of vulnerability management and remediation processes.

Desirable Skills & Experience

• Experience securing AI-assisted software development environments and AI-generated code.
• Familiarity with software supply chain security practices and controls.
• Experience integrating security telemetry into SIEM and monitoring platforms.
• Knowledge of developer security enablement and security champion programmes.
• Experience supporting security incident investigations and forensic activities within development environments.
• Relevant certifications such as CSSLP, GSEC, GCSA, GIAC, CISSP, or equivalent.

GCS is acting as an Employment Business in relation to this vacancy.