DevOps Engineer

Our client is a fast-growing SaaS platform focused on helping customers make the most of their savings by providing access to a wide range of financial products.

They work with financial institutions such as wealth managers, fintechs, banks, and advisors, offering tools that enable better returns on cash, stronger client engagement, and simpler operations. Their mission is to help savers get more value from their cash.

This role is 3 days a week in Leeds

The role

They need a skilled and proactive DevSecOps Engineer to take ownership of security frameworks, testing, and the hands-on implementation of secure systems.

You will join the Engineering team and play a key role in embedding security practices throughout the software development lifecycle, ensuring systems are secure by design. This is a hands-on role requiring strong experience in security testing, framework design, automation, and building secure, scalable infrastructure.

Key responsibilities

Secure CI/CD pipelines

  • Design, build, and maintain secure CI/CD pipelines by embedding security tools and practices into the development workflow.

Infrastructure security

  • Integrate and manage security tools for code analysis, vulnerability scanning, container security, and dependency management.
  • Implement and manage security controls across cloud infrastructure, using infrastructure-as-code tools with a security-first mindset.

Vulnerability management

  • Perform regular automated security assessments, including vulnerability scanning, supporting penetration testing, and remediation planning.

Automation

  • Automate security testing processes (including SAST, DAST, and IAST) to identify and remediate vulnerabilities earlier in the SDLC.

Collaboration

  • Work closely with development and information security teams to promote a strong DevSecOps culture and ensure best practices are followed.

Monitoring and reporting

  • Establish and maintain monitoring systems to detect threats and anomalies, providing actionable insights to mitigate risk.
  • Build security monitoring and alerting capabilities using SIEM tools or cloud-native monitoring solutions.

Technical expertise

  • Strong hands-on experience with CI/CD tools (e.g. Jenkins, GitLab CI, GitHub Actions, CircleCI).
  • Hands-on experience with infrastructure-as-code tools such as Terraform or CloudFormation.
  • Experience securing cloud platforms (AWS preferred) and containerised environments (Docker, Kubernetes), with a strong focus on security.
  • Scripting and automation skills using Bash, Python, or similar languages.
  • Solid understanding of secure coding practices, application security principles, and relevant compliance frameworks.
  • Experience implementing security tools such as SAST/DAST solutions, vulnerability scanners, and cloud security tooling (e.g. OWASP ZAP, SonarQube, Snyk, tfsec, Trivy, cloud-native security services).
  • Experience with monitoring and logging platforms such as ELK or cloud-native observability tools.
  • Hands-on experience with SIEM systems and threat detection.
Apply Now
Apply Now

Job Details

Company
SearchWorks
Location
Leeds, UK
Posted