* Reference Number: DevSecOps Engineer
* Location: Manchester / Leeds England
* Salary : c£80,000 plus benefits
* Sector: Cyber Security
A leading Financial Services organisation is looking for a Lead DevSecOps Engineer to add value to the existing Information Security team. Banks, FS experience advantageous but not paramount. Client will accept individuals from Aviation, Airlines, Healthcare, Pharma.
You must be eligible to live and work in the UK, with 5+ years in a similar (InfoSec/CS role) work within defined parameters in a highly regulated industry and be available to start at short notice.
Key skills for this role are: DevOps, SDLC, Vulnerability Management, Risk Management, and Risk Mitigation (in a DevSecOps environment).
* Work with the lead and domain engineers to formulate solutions
* Specify secure design requirements and acceptance criteria for DevOps or software development feature teams
* Define secure designs for security architecture building blocks
* Provide hands-on support during investigations and PoCs
* Take solution ownership from inception to delivery
* Embedding security into DevOps and CI/CD
* Promote ‘security is codified’ as a key platform principle
* Contributing to security engineering patterns to be applied across multiple cloud providers and technologies
* Preparing engineering artefacts and owning the lifecycle of those artefacts
* Reviewing configurations and Infrastructure as Code for security weaknesses
* Supporting architects in taking designs through the appropriate governance and sign-off
* Act as an SME for security engineering related topics and issues
* Contributing to Threat Models
Minimum Qualifications:
* Specialised working security engineering knowledge of two or more domains e.g. Cloud, DevOps, AppSec, IAM, API, Networking, Crypto, Big Data
* Experience working in fast-paced agile environments is essential
* Preferably hold an industry recognised security certification or degree e.g. OSCP, GIAC
* Experience implementing industry best practice security standards in large organisations
* Detailed knowledge across a broad range of security domains
#J-18808-Ljbffr