Location: Remote Position Type: Permanent Key Responsibilities: As the Lead DevSecOps Engineer, your primary responsibilities will be: Work alongside the Principle DevOps Engineer design, secure & deliver Cloud Landing Zone(s) across multiple environments and geographies, primarily on AWS followed by Azure & GCP. The delivery of a Cloud agnostic ecosystem of tooling and operational processes, based on DevSecOps, CICD & FinOps best practices, to deliver and maintain Landing Zone(s) including automated Account vending & inflation. Be the driving technical force behind the delivery & operation of Landing Zone(s) and supporting automation following DevSecOps practices to be secure-by-design. Work closely with the QA Team to ensure both the Landing Zone(s) and application services are delivered securely & consistently. Support the Lead DevOps Engineer & team as they build Kubernetes based microservices on the Landing Zone(s) and supporting tooling &/or pipelines that you will deliver. You will be collaborating closely with cross-functional teams & personnel, where design inputs & requirements are expected to be fluid & changeable. In addition to technical leadership skills, you will be expected to: Lead team of DevSecOps Engineer(s) (including recruitment). Mentor junior members of the wider team & organisation as/when required. Deputise for the Principle DevOps Engineer as/when required. Position Overview: Landing Zone Delivery: Build and secure the AWS Landing Zone using AWS Organisations & Control Tower, enabling Account vending & management via Account Factory for Terraform (AFT). Continuous Integration/Continuous Deployment (CI/CD): Ensure secure & effective testing and deployment of Landing Zone(s) using CI/CD best practices to enable efficient, secure software & infrastructure delivery. Infrastructure as Code (IaC): Deliver services using Infrastructure as Code (IaC) code and templates to test, provision, configure, and manage infrastructure components using tools such as Terraform, Ansible, or similar. Automation: Be the drivering force for the automation of infrastructure provisioning and orchestration to streamline deployment processes, ensuring consistency and reliability across multiple environments & regions. Security: Working closely with the Security Architect & Principle DevOps Engineer, you will ensure security of the Platform / Landing Zone(s), including remote access. Documentation: Ensure effective documentation to ensure a clean handover of Cloud environments to Ops & SRE teams. Infrastructure Maintenance: Ensure the effective monitoring of infrastructure components to ensure optimal performance, scalability, and reliability. This will include self-healing capabilities. Support for Developers and QA: Collaborate with development and QA teams to provide guidance and support in building automated testing and deployment pipelines. Infrastructure Optimization: Identify opportunities for infrastructure optimization, cost reduction, and performance improvement. Documentation: Maintain detailed documentation of infrastructure configurations and deployment processes. Qualifications: Demonstrable experience of lead Engineering or technical leadership role(s). Demonstrable experience of DevSecOps practices and the promotion thereof. Strong understanding of Infrastructure as Code (IaC) principles and practices. Strong understanding of AWS Landing Zone best practices Strong understanding of cloud computing platforms (primarily AWS, but Azure &/or Google Cloud is beneficial) and on-premises environments. Proficiency in IaC tools and scripting languages (e.g., Terraform, Ansible, Python, etc.). Experience with containerization and orchestration tools (e.g., Docker, Kubernetes). Excellent problem-solving and analytical skills. Strong communication and collaboration skills. Ability to work effectively in cross-functional teams. Key Technical Skills: Terraform (Terraform cloud / HCP Terraform knowledge an advantage) GitHub & GitHub Actions AWS Organisations AWS Control Tower (including Account Factory for Terraform - AFT) Python (including curating Python packages) Centric Software provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status or genetic information. Powered by JazzHR