DevSecOps Engineer
Job Description:
We are seeking a skilled DevSecOps Engineer to join our dynamic team. This role will focus on integrating security practices within the DevOps process, ensuring that security is a fundamental aspect of our software development lifecycle. The ideal candidate will collaborate closely with the DevOps Tooling & Policy Lead to implement CI/CD practices, automate processes, and enhance the overall security posture of our applications.
Key responsibilities:
CI/CD pipelines and automation:
- Collaborate with the DevOps Tooling & Policy Lead to design, implement, and maintain robust CI/CD pipelines to automate the software delivery process.
- Integrate testing, security, and deployment processes to ensure high-quality releases.
- Establish and document repeatable patterns for deployment, configuration, and monitoring to enhance efficiency.
- Identify opportunities for automation in security testing and compliance checks.
- Develop solutions to enhance the DevSecOps process, integrating tooling to drive value and enhance developer experience.
Collaboration with development teams:
- Partner with development teams to identify bottlenecks in the SDLC and implement solutions to streamline workflows.
- Provide guidance on best practices for version control, secure coding, and branching strategies.
- Assist development teams in onboarding to standardised DevOps patterns and processes.
Tooling and technology evaluation:
- Evaluate and recommend tools and technologies that can enhance the CI/CD process and overall developer experience.
- Stay up to date with industry trends and emerging technologies to continuously improve practices.
Documentation and knowledge sharing:
- Develop comprehensive documentation on security and DevOps practices, making it easily accessible to development teams.
- Contribute to workshops and knowledge-sharing sessions to educate developers on secure coding practices and the importance of security in development.
- Assist with the onboarding of projects and teams to the centralised DevSecOps tooling and CI/CD templates.
Experience and skills:
Qualifications:
- Proven experience of DevSecOps and Agile software delivery.
- Strong understanding of the SDLC, Agile, DevOps, and DevSecOps principles.
- Familiarity with modern security practices, tools, and standards (e.g., OWASP, NIST).
- Technical knowledge of cloud environments (AWS, Azure, GCP), containerisation (Docker, Kubernetes), and CI/CD pipelines.
- Excellent communication skills, with the ability to articulate DevSecOps concepts to technical and non-technical stakeholders.
Preferred skills:
- Certifications in cloud technologies (AWS Certified, Azure Security Engineer).
- Experience in leveraging tools for security monitoring and threat detection.
- Experience implementing reusable pipelines using CI/CD tooling (GitLab CI/GitHub Actions/Argo CD/Concourse).
- Familiarity with secure coding principles and with application and infrastructure security best practices.