Senior DevSecOps Engineer

Senior DevSecOps Engineer

London/Hybrid (2 days a week in office)

Role Overview

As a Senior Engineer, your primary objective is to engineer the "paved road" for secure software development. You will architect and deploy automated guardrails, robust security tooling, and seamless integrations directly into developer workflows and cloud infrastructure. By treating security as an engineering discipline, you will partner with cross-functional teams (Platform, Cloud, Engineering, and Security Operations) to deliver scalable, low-friction security solutions that empower the organisation to ship code quickly and securely.

Core Responsibilities

Pipeline Integration & Secure Delivery

  • Embed seamless security checks (SAST, SCA, DAST, and secrets detection) directly into CI/CD workflows.
  • Optimize security tooling to ensure developers receive immediate, high-fidelity, and actionable feedback.
  • Automate infrastructure and application vulnerability scanning throughout the deployment lifecycle.

Security Engineering & Product Ownership

  • Architect, deploy, and maintain bespoke internal security services, APIs, and automation scripts.
  • Manage security tools with the rigor of a traditional software product, ensuring high availability, version control, and comprehensive documentation.
  • Apply best-in-class software engineering principles to all security initiatives.

Cloud Posture & Policy-as-Code

  • Design and enforce policy-as-code guardrails across Infrastructure-as-Code (IaC), container orchestration (Kubernetes), and cloud identity access management (IAM).
  • Collaborate alongside platform engineers to establish secure-by-default blueprints and self-service capabilities.

Threat Detection & Telemetry

  • Build and maintain reliable data pipelines that route structured security telemetry and alerts to our SIEM environments.
  • Engineer automated remediation pathways and response playbooks for security operations.
  • Oversee scanning infrastructure and vulnerability management platforms.

Culture, Advocacy & Enablement

  • Act as a security evangelist, promoting a culture of shared responsibility across engineering teams.
  • Lead enablement initiatives, including training sessions, comprehensive guides, and regular office hours.
  • Participate actively in blameless post-mortems to drive continuous organizational learning.

Technical Expertise

  • Experience: 5+ years of specialised experience in DevSecOps, Platform Security, or Security Engineering.
  • Development Skills: Strong programming and automation capabilities using languages such as Python, Go, or Bash.
  • CI/CD & IaC: Hands-on proficiency with modern CI/CD orchestrators (e.g., GitHub Actions, GitLab CI) and Infrastructure-as-Code tools (e.g., Terraform).
  • Cloud Native: Deep understanding of major public cloud providers (AWS experience is highly advantageous), encompassing cloud networking, IAM, and telemetry.
  • Security Integration: Proven track record of embedding security scanning tools (SAST, SCA, DAST, container security) into active pipelines.

Bonus Qualifications

  • Previous experience operating within highly regulated industries or financial services.
  • Familiarity with edge security (WAF/DDoS), Zero Trust architectures, and enterprise vulnerability management.
  • Experience with Security Orchestration, Automation, and Response (SOAR) technologies.
  • Relevant industry certifications (e.g., AWS Security Specialty, CKS, CISSP, GIAC).
Apply Now
Apply Now

Job Details

Company
Intaso
Location
City of London, London, United Kingdom
Posted