DevSecOps Engineer

Job Title: DevSecOps Engineer

Department: IT

Reports to: IT Director

Location: Remote (Some site visits may be needed)

We are a dynamic and innovative technology company seeking a talented and experienced DevSecOps Engineer to join our team. Our ideal candidate is passionate about technology, cybersecurity, and finding ways to integrate security into the development lifecycle seamlessly. We prioritise innovation, learning, and the constant evolution of our security practices, and we look forward to welcoming someone who shares these values.

In the DevSecOps Engineer role, your primary responsibility will be to integrate security practices into our DevOps processes. You will work closely with both our software development teams and IT operations to ensure our products are designed, implemented, and delivered securely.

Key responsibilities include:
– Collaborating with development and operations teams to create and implement automated security processes in the CI/CD pipeline.
– Identifying, recommending, and implementing enhancements to improve security and scalability.
– Conducting regular security assessments and audits to identify potential vulnerabilities.
– Educating teams on security best practices, promoting a culture of security awareness.
– Assisting in incident response and problem resolution when security issues arise.
– Implementing and maintaining security tools used in the continuous monitoring and protection of our systems.

The ideal candidate will possess the following qualifications:
– Minimum of 3 years’ experience in a DevOps role with a focus on security, or a cybersecurity role with heavy exposure to DevOps practices.
– Proficient in script languages such as Python, Perl, or Bash.
– Extensive experience with Linux/UNIX systems and the best practices for deploying applications to those stacks.
– Strong experience with containerisation technologies (Docker, Kubernetes, etc.).
– Proficient with CI/CD tools (e.g., Jenkins, Travis CI, Circle CI).
– Experience with infrastructure as code technologies like Ansible, Terraform, or Puppet.
– Knowledge of cloud services (AWS, Google Cloud, Azure) and experience deploying and managing services in a cloud environment.
– Solid understanding of common security protocols and systems, with a focus on application and network security.
– Experience with security tools such as IDS/IPS, DAST, SAST, and vulnerability scanning.
– Exceptional problem-solving skills and ability to work under pressure.
– Excellent communication skills with the ability to foster a culture of security awareness.

Desirable skills include:
– Relevant certifications (CISSP, AWS Certified Security Specialty, Certified Ethical Hacker, etc.).
– Familiarity with legal and regulatory standards related to information security (e.g., ISO 27001, GDPR, HIPAA).

What we offer:
– Competitive compensation and benefits package.
– Flexible work schedule and the ability to work from home.
– Continuous learning opportunities.
– Inclusive and diverse work environment.
– An exciting, fast-paced environment where you can have a direct impact on the company’s success.

We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.