DevOps Consultant/Engineer
Barrow/Remote
£50K + Benefits
A DevOps Consultant is required for our client who are based in Barrow. You will join the Software Development & Server Management Team and will report directly to the Head of IT. This role is integral in the deployment, maintenance and security of a large estate of cloud based Servers hosting bespoke in-house built cloud software, across multiple datacentres. You will be hands on with practical experience. The majority of this estate runs Linux, so this is essential. Your day to day will be varied and fast paced, you will be heavily integrated with the Full Stack Developers in our team who are deploying new features on a weekly basis and fixing existing codebase issues from a backlog. You will also be involved in the deployment of new cloud Servers, the configuration maintenance and hardening/securing of each server. You will be responsible for the ongoing maintenance and hardening of the 25 existing cloud Servers in the server estate.
Key accountabilities of the role include:
* Server Management, Maintenance, Upgrades & Compliance o Responsible for the entire server life cycle, from server deployment to maintaining, upgrading, and ensuring compliance of every server in our estate.
Resource increases when necessary for scalability - RAM, Disk Size, CPU etc.
MySQL Database management, maintenance and compliance.
MySQL Replication maintenance and management (Master - Master & Master- Slave relationships).
Linux Operating System distribution migration (moving our Servers to a new Linux distribution where required).
Updating server software repositories via DNF.
NFS mounting and management in a secure environment
Implementing and maintaining TDE/At Rest Encryption (or similar).
Server Account Management.
WHM/CPanel Configuration and Management.
Backup configuration and restoration testing.
* Linux & Windows Server Daily Business Continuity Checks
o To ascertain and document server health via daily check processes - which are to be refined.
o To resolve availability, integrity or security issues as they arise independently and be able to raise critical issues with other members of the team or leadership team where appropriate.
o Able to communicate risk in a measured, calculable way in line with ISO27001 methodologies.
* Information Security Engineering
o You will be responsible for improving and maintaining the security baselines across the company, from conceptualisation to implementation and daily maintenance, this security responsibility includes the responsibility of the Servers as well as the bespoke built applications and code.
Server Environment Hardening
ModSec Firewall Configuration
Securing Network Environments
Firewall Configuration (Server and Network Level)
PKI Management
Intrusion Detection and Prevention
TLS, HSTS & CSP Configuration Management
Risk Management and Treatment
Vulnerability Management and Triage
Routine internal system audits
Establishing InfoSec baselines within the company
Configuring and managing Cloudflare as a reverse Proxy and Web Application Firewall. WAF Event risk management and triage
* Zero Trust configuration and management
Security best practices and experience conforming to standards such as:
* ISO27001:2022 Framework. OWASP. NIST CSF. PCI DSS 4.0. SOC-2. NCSC Best Practices