As one of our DevSecOps Security Engineers, you will be helping the team manage and deploy solutions on platforms in a secure and optimised manner. This will include all aspects of security, maintaining an evolving programme of work to address prioritised concerns, helping to identify threats and risks and working to implement solutions and mitigations. You will also work with the rest of the squad to incorporate more security checks into the CI/CD pipelines. The role will include validation of planned changes to ensure that they comply with best practice and will also involve working with the Cyber Security Team. Be a team player – live the Tesco Mobile values. Implement agreed security improvements to key platforms. Act as the subject matter expert for infrastructure security. Work with the application development teams to improve application security. Crafting business justifications for security improvements and present these to Product Owners and other stakeholders in an eloquent manner for an audience that may not be as technically experienced in Security Engineering. We are looking for the following skills & experience: Significant commercial experience with cloud and SaaS security improvement projects. Significant experience with cloud providers AWS and Azure. Experience of CI/CD pipelines and adding security tooling to these. Experience using SAST and other techniques to improve code security. Experience using AWS Security Hub, Azure Security Center, etc. to improve cloud security position. Willingness to learn new skills. Nice to have: Source code systems and branching strategies; Github and Github Actions. Experience in a commercial setting using and managing Splunk including defining data streams, indices and ingests and dashboards. Experience maintaining and updating infrastructure using IaC tooling. Automation experience using a variety of tools and languages including AWS CLI, python, etc. Experience automating tasks using PowerShell or Azure CLI. Containerisation technologies; Docker and Kubernetes. Exposure to Continuous Integration and Continuous Deployment techniques, approaches and tools, including experience with the GitHub and GitHub Actions. LI-AF2 LI-Hybrid