DevOps Consultant/Engineer
Location: Barrow/Remote
Salary: £50K + Benefits
A DevOps Consultant is required for our client who is based in Barrow. You will join the Software Development & Server Management Team and report directly to the Head of IT. This role is integral in the deployment, maintenance, and security of a large estate of cloud-based servers hosting bespoke in-house built cloud software across multiple datacentres. You will have hands-on practical experience. The majority of this estate runs Linux, which is essential. Your day-to-day will be varied and fast-paced; you will be heavily integrated with the Full Stack Developers in our team who are deploying new features weekly and fixing existing codebase issues from a backlog. You will also be involved in the deployment of new cloud servers, configuration maintenance, and hardening/securing each server. You will be responsible for the ongoing maintenance and hardening of the 25 existing cloud servers in the server estate.
Key accountabilities of the role include:
1. Server Management, Maintenance, Upgrades & Compliance:
o Responsible for the entire server lifecycle, from server deployment to maintaining, upgrading, and ensuring compliance of every server in our estate.
o Resource increases when necessary for scalability - RAM, Disk Size, CPU etc.
o MySQL Database management, maintenance, and compliance.
o MySQL Replication maintenance and management (Master-Master & Master-Slave relationships).
o Linux Operating System distribution migration (moving our servers to a new Linux distribution where required).
o Updating server software repositories via DNF.
o NFS mounting and management in a secure environment.
o Implementing and maintaining TDE/At Rest Encryption (or similar).
o Server Account Management.
o WHM/CPanel Configuration and Management.
o Backup configuration and restoration testing.
2. Linux & Windows Server Daily Business Continuity Checks:
o To ascertain and document server health via daily check processes - which are to be refined.
o To resolve availability, integrity, or security issues as they arise independently and be able to raise critical issues with other members of the team or leadership team where appropriate.
o Able to communicate risk in a measured, calculable way in line with ISO27001 methodologies.
3. Information Security Engineering:
o Responsible for improving and maintaining the security baselines across the company, from conceptualization to implementation and daily maintenance. This responsibility includes the servers as well as the bespoke built applications and code.
o Server Environment Hardening.
o ModSec Firewall Configuration.
o Securing Network Environments.
o Firewall Configuration (Server and Network Level).
o PKI Management.
o Intrusion Detection and Prevention.
o TLS, HSTS & CSP Configuration Management.
o Risk Management and Treatment.
o Vulnerability Management and Triage.
o Routine internal system audits.
o Establishing InfoSec baselines within the company.
o Configuring and managing Cloudflare as a reverse proxy and Web Application Firewall.
o WAF Event risk management and triage.
o Zero Trust configuration and management.
o Security best practices and experience conforming to standards such as:
+ ISO27001:2022 Framework
+ OWASP
+ NIST CSF
+ PCI DSS 4.0
+ SOC-2
+ NCSC Best Practices
#J-18808-Ljbffr