DevSecOps Engineer

Location: England
Salary: £40,000 - £70,000 pa
Reference: AW / DevSecOps
Type: Permanent
Sector: Digital, Digital Marketing & IT Recruitment
Deadline: 12/03/2022

The company

Brewster Partners are working with a leading digital transformation company in Education for an exciting new position. They are looking for a DevSecOps Engineer to join their engineering team.

The job

The successful candidate will have good experience and knowledge of IT security best practices both from and operational and engineering perspective.

You will be joining an evolving agile engineering team working alongside Scrum Masters, Product Managers, QA’s and Software Engineers to shift security to the left and ensure it is included at every stage of the development process and built in by design. Working alongside our Platform and Scrum teams you will report on vulnerabilities, working with all teams to remediate them as quickly as possible.

Key Responsibilities:

  • Champion DevSecOps throughout the company. You will be responsible for product security by building in mechanisms to ensure that all services, applications and tools are secure throughout the software development lifecycle.
  • Advise Scrum teams in sprint planning and refinement, enabling them to commit to and deliver value to the business by ensuring products and services follow security best practices and facilitating them to own remedial actions and security improvements.
  • Create and regularly review  infrastructure vulnerability and web application scanning reports remediating actions within and advising our product teams on best practices.
  • Responsible for the gateways in our CI/CD pipelines that scan and test our infrastructure and code for vulnerabilities in all environments.
  • Utilise software tools and write scripts to monitor and analyse vulnerabilities and automate any mitigations required.
  • Help to create, publish, and maintain information security policies, documentation, procedures, standards, and guidelines for our products and online services.
  • Bringing in innovative ideas on technology, process and security best practices to improve the product and security of our services.

The person

  • Experience of working alongside developers, DevOps and the business preferably working within an Agile environment. An in-depth understanding of what DevSecOps is all about.
  • Hardening of web applications and RESTful APIs based upon security best practices (OWASP). The company's products are written in Javascript, PHP, Python and C#, familiarity with any of those languages would be beneficial.
  • Familiarity of using threat monitoring software for logging, monitoring and alerting on security incidents (IDS, IDP, DAST).
  • Comfortable working with Containers (Docker) and Container Orchestration (Kubernetes) using best practices to secure/harden and scan these technologies.
  • Experience in Continuous Integration/Delivery. Experience in automating gateways that scan containers and code.
  • Ability to work with cloud environments (AWS).
  • Fast learner and the ability to learn new concepts and technologies quickly.
  • Excellent trouble-shooting and technical problem-solving skills.
  • You do not have to satisfy every requirement or meet every qualification listed, you will be assessed on your willingness to learn and to collaborate with others.

The benefits

This role can be fully remote.


Amy Wood
Candidate Manager
Brewster Partners Recruitment Group


To apply for this job, please send your CV to the email above or to quoting "Vacancy: DevSecOps Engineer, Reference: AW / DevSecOps". Thank you for your interest.