DevSecOps Engineer

Ref: 1424Wednesday 13 September 2023

Net Talent are partnering with a scaling tech company who are a disrupter in the wealth management industry. They are in search of a DevSecOps engineer who will play a pivotal role in shaping and advancing their cutting-edge platform. As a passionate advocate for security, you will tackle intricate challenges with a pragmatic approach to platform design. Leveraging modern tools, programming languages, and platforms, your mission will be to contribute to the efficient, secure, and scalable delivery of high-performance products. 


Your Responsibilities:

  • Employ modern tooling to integrate security early in the development process, collaborating closely with development teams.
  • Review and implement security best practices, ensuring compliance through effective controls.
  • Establish security gates within the CI/CD workflows to ensure secure deployments.
  • Craft Infrastructure-as-Code to consistently build secure infrastructure.
  • Proactively manage infrastructure and code patching.
  • In addition to security, contribute to non-functional aspects of the Platform team, such as enhancing observability, expanding the data infrastructure, and maintaining deployment tooling.
  • Engage in discussions about processes and methodologies, actively introducing new ideas and challenging conventional practices. Promote a culture of psychological safety, where sharing opinions confidently contributes to achieving high-quality standards.
  • Leverage managed services to enable the team to concentrate on delivering core business value.


Qualifications: To excel in this role, you should possess at least some of the following:

  • Experience operating solutions within AWS, utilizing Infrastructure-as-Code.
  • Exposure to Audits, Compliance, and Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM).
  • Knowledge of embedded security, including IDE plugins, SAST, DAST, and SCA.
  • Experience conducting vulnerability scanning and penetration testing.
  • Proficiency in threat detection and prevention, including IDS, IPS, SOC, threat list blocking, and WAF/SIEM.
  • Familiarity with cloud account management tools such as AWS Control Tower, GuardDuty, Config, Security Hub, and CloudTrail.
  • Competence in identity management protocols such as SAML, OAuth, OIDC, and AWS IAM.
  • Expertise in secret management tools like AWS Secrets Manager and Parameter Store.
  • Skill in patch management, including security updates, AWS SSM, and Dependabot.