DevSecOps Specialist

Contract duration - 6 months Location - Waterside - UB7 0GB Hybrid - 1 day per week from office and rest days from homeOur client has a varied and complex digital landscape. The DevSecOps specialist will report to DevSecOps manager in the Cyber Architecture team. Working closely with the Cyber team as well as the digital team to ensure cybersecurity is embedded across all digital platforms.Key skills & Responsibility

• Lead the integration of security into the software development lifecycle (SDLC) using DevSecOps principles.
• Define and implement release strategies with a strong emphasis on application security.
• Identify and remediate security vulnerabilities through detailed code reviews and automated tooling.
• Collaborate with cross-functional teams to establish secure coding standards and quality benchmarks.
• Provide expert consultancy and guidance to engineering teams, enabling them to meet strategic security goals.
• Drive adoption of security best practices across CI/CD pipelines and cloud-native environments.

Accountabilities

• Provide technical cyber leadership across all development teams, focusing on application security for our various digital platforms (web and mobile).
• Secure our CI/CD pipelines and provide improvement plans and requirements to those that use them, while overseeing the consistent adoption of secure practices across teams.
• Support the vulnerability management process, raising awareness and embedding secure development principles with development teams.
• Evaluate, implement, support and communicate new tools and features to improve our security posture whilst supporting, consulting, and measuring the progression of adoption across our platform and development teams.
• Establish security testing approaches and tools to support iterative agile delivery, ensuring alignment with organisational objectives and secure development practices.
• Lead cyber digital reviews to promote consistency, quality, and alignment to cyber principles and patterns.
• Effectively communicate, reason, and influence stakeholders across business tech to promote the understanding of cyber digital security and embed it throughout design and delivery.
• Actively participate in and contribute to the client's cybersecurity guilds, driving innovation and alignment in digital security approaches.
• Support the client's Cyber Delivery Assurance Team and the wider business Cyber Team by acting as a subject-matter expert on all things digital security.
• Support the client's Cyber Change Team by assisting in change reviews.

Required Skills & Experience:

• Proven experience in application security within a DevSecOps framework.
• Strong background in software engineering, with the ability to bridge development and security.
• Experience identifying security issues through code review.
• Recognised cybersecurity certifications or qualifications desirable.
• Deep technical expertise in security tools and methodologies, including:
• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)
• Software Composition Analysis (SCA)
• Threat Modelling
• Demonstrated success in leading or advising teams on secure development practices.
• Senior-level experience with a solid understanding of cloud migration challenges and solutions.

What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk