Senior DevSecOps Engineer

Senior DevSecOps Engineer London/Hybrid (2 days a week in office) Role Overview As a Senior Engineer, your primary objective is to engineer the "paved road" for secure software development. You will architect and deploy automated guardrails, robust security tooling, and seamless integrations directly into developer workflows and cloud infrastructure. By treating security as an engineering discipline, you will partner with cross-functional teams (Platform, Cloud, Engineering, and Security Operations) to deliver scalable, low-friction security solutions that empower the organisation to ship code quickly and securely.

Core Responsibilities Pipeline Integration & Secure Delivery Embed seamless security checks (SAST, SCA, DAST, and secrets detection) directly into CI/CD workflows. Optimize security tooling to ensure developers receive immediate, high-fidelity, and actionable feedback. Automate infrastructure and application vulnerability scanning throughout the deployment lifecycle.

Security Engineering & Product Ownership Architect, deploy, and maintain bespoke internal security services, APIs, and automation scripts. Manage security tools with the rigor of a traditional software product, ensuring high availability, version control, and comprehensive documentation. Apply best-in-class software engineering principles to all security initiatives.

Cloud Posture & Policy-as-Code Design and enforce policy-as-code guardrails across Infrastructure-as-Code (IaC), container orchestration (Kubernetes), and cloud identity access management (IAM). Collaborate alongside platform engineers to establish secure-by-default blueprints and self-service capabilities. Threat Detection & Telemetry Build and maintain reliable data pipelines that route structured security telemetry and alerts to our SIEM environments.

Engineer automated remediation pathways and response playbooks for security operations. Oversee scanning infrastructure and vulnerability management platforms. Culture, Advocacy & Enablement Act as a security evangelist, promoting a culture of shared responsibility across engineering teams.

Lead enablement initiatives, including training sessions, comprehensive guides, and regular office hours. Participate actively in blameless post-mortems to drive continuous organizational learning. Technical Expertise Experience: 5+ years of specialised experience in DevSecOps, Platform Security, or Security Engineering.

Development Skills: Strong programming and automation capabilities using languages such as Python, Go, or Bash. CI/CD & IaC: Hands-on proficiency with modern CI/CD orchestrators (e.g., GitHub Actions, GitLab CI) and Infrastructure-as-Code tools (e.g., Terraform). Cloud Native: Deep understanding of major public cloud providers (AWS experience is highly advantageous), encompassing cloud networking, IAM, and telemetry.

Security Integration: Proven track record of embedding security scanning tools (SAST, SCA, DAST, container security) into active pipelines. Bonus Qualifications Previous experience operating within highly regulated industries or financial services. Familiarity with edge security (WAF/DDoS), Zero Trust architectures, and enterprise vulnerability management.

Experience with Security Orchestration, Automation, and Response (SOAR) technologies. Relevant industry certifications (e.g., AWS Security Specialty, CKS, CISSP, GIAC).