DevSecOps Engineer
About Spaceflux:
Spaceflux delivers sovereign-grade optical space intelligence through a global network of optical sensors and an AI-powered cloud platform. We provide real-time tracking, characterisation, and analytics from LEO to GEO, supporting government and commercial missions with actionable intelligence in seconds. We also deliver tailored sensor system packages, specialist services, and domain intelligence consultancy.
Role Overview:
We're looking for a DevSecOps Engineer to own the security and operational integrity of the Spaceflux platform. You'll work closely with our engineering team to embed security into every layer of our software delivery pipeline, cloud infrastructure, and edge-deployed systems.
This is a hands-on role. You'll design and operate CI/CD pipelines with security baked in from the start, manage cloud infrastructure with a security-first mindset, and own our compliance posture for UK Government programmes. You won't be writing policies from a distance.
The platform is cloud-native, data-intensive, and operationally critical. We process data from sensors on five continents, handle UK Official Sensitive material, and serve government customers who have no tolerance for downtime or data compromise.
Areas of Responsibility:
- Own the security posture of the Spaceflux platform: threat modelling, vulnerability management, penetration test remediation, and incident response.
- Design and maintain secure CI/CD pipelines, integrating SAST, DAST, dependency scanning, and container security tooling.
- Manage cloud infrastructure (Azure) using infrastructure-as-code, with security controls, secrets management, and least-privilege access enforced by default.
- Lead on compliance requirements for UK Government programmes, including Cyber Essentials Plus, ISO 27001, and defence data handling standards.
- Work with engineering to define and enforce secure coding standards and review practices.
- Own observability and alerting for security events across cloud and edge environments.
- Support security review processes for new features, third-party integrations, and infrastructure changes.
Essential Skills and Experience:
- Strong background in cloud security, ideally on Azure, with hands-on experience of IaC tooling (Terraform, Bicep, or equivalent).
- Proven experience building and operating secure CI/CD pipelines in production environments.
- Solid understanding of network security, identity and access management, and secrets management in cloud-native architectures.
- Experience supporting UK Government security compliance: Cyber Essentials Plus, DSPF, or equivalent frameworks.
- Able to work effectively with development teams: comfortable reviewing code, writing runbooks, and shipping tooling yourself.
- A sole British national, eligible for UK security clearance (at UK eyes only). This role involves working on UK Official Sensitive programmes.
Desirable Skills and Experience:
- Experience with edge computing or distributed systems in operational environments.
- Familiarity with satellite systems, aerospace, or defence sectors.
- Experience with SIEM platforms.
- Relevant certifications: AZ-500, CISSP, CISM, or similar.
Other Requirements:
- London-commutable, with approximately one day per week in our central London office.
- Able to travel occasionally within the UK and internationally to collaborate with the wider Spaceflux team.
- Able to maintain access to a reliable broadband connection.