Azure DevSecOps (Outside, up to £550 pd)
We are seeking a hands-on Azure DevSecOps Engineer to drive the integration of security, automation, and compliance across our cloud environments. This role requires deep expertise in PowerShell, Bicep, and Azure DevOps/GitHub, with a strong focus on embedding security best practices throughout the software development lifecycle (SDLC).
Beyond hands-on engineering, the ideal candidate will also serve as a key security advocate, working closely with security stakeholders, architects, and leadership to define and implement a strategic security roadmap. You will help shape security policies, influence DevSecOps best practices, and ensure that security is integrated into every stage of cloud operations and development.
Key Responsibilities
1. Security-First DevOps – Embed security into DevOps pipelines, ensuring secure, automated, and compliant cloud deployments.
2. IAM & Zero Trust – Implement and manage Azure IAM, Conditional Access, and Zero Trust Architecture to enhance identity security.
3. Encryption & Key Management – Secure data using Thales Key Management, Disk Encryption Sets, and cryptographic best practices.
4. DevSecOps & Secure CI/CD – Automate security controls within Azure DevOps and GitHub, ensuring compliance from code to production.
5. Infrastructure as Code (IaC) Security – Enforce security policies within Bicep, ensuring compliance with frameworks (CIS, NIST, ISO27001).
6. Threat Detection & Response – Leverage Defender for Cloud, SIEM integration, and real-time security monitoring to detect and mitigate risks.
7. Secret Management & Policy Enforcement – Implement secure credential handling, policy enforcement, and governance automation.
8. Container & API Security – Strengthen security for Azure Container Apps, ensuring secure deployments, runtime protection, and enforcing best practices for API authentication & authorization.
Nice to Have
1. Experience with Teagis XDR for extended threat detection and response.
2. Hands-on knowledge of Cortex XSIAM for AI-driven security operations.
Key Skills & Experience
1. Strong hands-on experience with Azure DevOps, GitHub, PowerShell, and Bicep.
2. Deep expertise in cloud security, IAM, encryption, and compliance frameworks.
3. Experience securing CI/CD pipelines, Infrastructure as Code (IaC), and DevOps workflows.
4. Knowledge of Defender for Cloud, SIEM solutions, and security monitoring.
5. Proficiency in Zero Trust security models, API security, and container security.
Seniority Level
Mid-Senior level
Employment Type
Contract
Industries
IT Services and IT Consulting
#J-18808-Ljbffr