DevSecOps Engineer (London Area)

About Hazeltree Fund Services Inc.

Hazeltree is a global leader in cloud-based treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across our cloud infrastructure and IT operations.

Job Overview

As a DevSecOps Engineer , you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations . Working at the intersection of operations, security, and development , you will collaborate closely with internal teams to safeguard critical business operations by design and default. You will be responsible for security automation, CI/CD pipeline enhancements , and cloud security management , ensuring compliance with industry standards.

Key Responsibilities

Security & DevOps Integration:

• Support and extend the secured CI/CD pipeline to enhance development security.
• Work with development teams to optimize infrastructure security.

Cloud & Infrastructure Security:

• Maintain and secure AWS cloud infrastructure for clients and internal operations.
• Automate AWS infrastructure builds following CIS hardening standards .
• Ensure top-tier security configuration, access management, and incident response on cloud platforms.

Operational Support & Incident Response:

• Support business-critical Windows and Linux-based environments.
• Monitor and respond to security alerts across Infosec, servers, firewalls, and applications.
• Conduct continuous monitoring of internal and third-party information security controls.

Threat & Vulnerability Management:

• Assess SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans.
• Implement remediation and mitigation strategies in collaboration with development teams.
• Maintain network security protocols, firewalls, and threat management platforms .

Compliance & Risk Management:

• Ensure compliance with ISO 27001:2022, SOC1 Type2, and SOC2 Type2 standards.
• Provide support for security audits, policy implementation, and KPI/KRI monitoring .

Qualifications & Requirements

Technical Skills:

Cloud & Security Expertise:

• Hands-on experience with AWS (or other cloud-based solutions) .
• Strong understanding of secured Software Development Lifecycle (SDLC) and CI/CD platforms .
• Familiarity with OWASP, CIS frameworks, and security best practices .

Infrastructure & Scripting Knowledge:

• Proficiency in Microsoft platforms (Office 365, IIS, .NET, SQL Server, Windows Server, Active Directory).
• Strong scripting skills in PowerShell (highly beneficial).
• Experience with Cloud-based security tools (email security gateways, IAM, endpoint security, threat management).

DevOps & IT Service Management (ITSM):

• Experience with Jira (Atlassian automation), ServiceNow, or other ITSM platforms .
• Understanding of incident management processes and security KPIs.

Networking & Compliance:

• Strong knowledge of network security protocols, vulnerability management, and firewalls .
• Proven experience in security compliance frameworks and industry regulations .

Soft Skills:

• Analytical & Problem-Solving: Ability to analyze security risks and develop practical solutions.
• Communication: Ability to explain complex security topics to both technical and non-technical stakeholders.
• Collaboration: Experience working in cross-functional teams with a proactive, team-first mindset.
• Adaptability & Resilience: Ability to stay composed and think strategically in high-pressure situations.
• Ethical Integrity: Strong sense of responsibility for data confidentiality and compliance with privacy regulations.

Education & Certifications:

• Bachelor’s degree in Computer Engineering, Cybersecurity, or a related field.
• 3+ years of experience in a DevOps or DevSecOps role .
• Bonus Certifications (Preferred, not required):
• AWS Certified DevOps Engineer
• AWS Solutions Architect
• AWS SysOps Administrator
• Certified DevSecOps or other security-related certifications

What We Offer

• Competitive salary and performance-based incentives.
• Comprehensive benefits package , including health, dental, and vision insurance.
• Retirement savings plan with employer contributions.
• Opportunities for professional growth, training, and certifications .
• A dynamic and collaborative work environment at the forefront of cloud security and treasury technology.

How to Apply

Interested candidates should submit their resume and a cover letter to Careers@hazeltree.com with the subject line: DevSecOps Engineer Application – [Your Name]

Hazeltree Fund Services Inc. is an equal opportunity employer committed to diversity, equity, and inclusion.