Location: Edinburgh (Hybrid)
Job Description
Are you a DevSecOps Engineer passionate about embedding security into cloud-native applications and infrastructure? We’re looking for an engineer who thrives at the intersection of development, security, and operations, ensuring security is seamlessly integrated into CI/CD pipelines and cloud environments. This is your chance to build, automate, and innovate, protecting a platform used by over 110 million users worldwide.
What You’ll Be Doing
* Develop and implement security controls within CI/CD pipelines to secure cloud applications and infrastructure.
* Automate security testing using tools like SAST, DAST, and IaC security scanners.
* Enhance cloud security by securing AWS environments, Kubernetes clusters, and containerized workloads.
* Monitor and mitigate security vulnerabilities, collaborating with engineering teams to resolve issues efficiently.
* Drive security best practices, ensuring compliance with industry standards like ISO 27001, GDPR, and NIST.
* Build internal security utilities and frameworks, improving automation and threat detection.
* Contribute to incident response efforts, investigating and mitigating security threats.
What We’re Looking For
* Min 3 years of experience in security engineering, DevSecOps, or cloud security.
* Strong knowledge of cloud-native security (AWS, Kubernetes, IAM, AWS WAF, GuardDuty).
* Hands-on experience with CI/CD security and automation (GitHub Actions, GitLab CI, Jenkins).
* Experience with security tools such as Snyk, OWASP ZAP, SonarQube, or similar.
* Familiarity with infrastructure as code security (Terraform, CloudFormation).
* Knowledge of Python, Java, or similar for scripting and automation is a plus.
* Understanding of compliance standards (ISO 27001, GDPR, NIST, SOC 2).
* Strong problem-solving skills and ability to work cross-functionally in an agile environment.
Why Join?
* Be part of a high-growth global platform, securing applications at scale.
* Work in a hybrid environment (approx. 8 days/month in-office).
* Join a collaborative and innovative security team, constantly evolving with the latest DevSecOps practices.
If this sounds like you, please submit your CV below or contact Mathew Dunn for more information or with any questions.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Technology, Information and Media, Information Services, and IT Services and IT Consulting
#J-18808-Ljbffr