Jobs
>
Bath

    Dev SecOps Engineer - Bath, United Kingdom - Sanderson Recruitment

    Sanderson Recruitment
    Sanderson Recruitment Bath, United Kingdom

    Found in: SonicJobs Direct Apply UK - 5 days ago

    Default job background
    Full time
    Description

    Dev SecOps Engineer

    Bath - Fully Remote

    £60,000 - £70,000 + benefits

    Fantastic new permanent opportunity for an experienced Dev SecOps Engineer with fast growing specialist Fintech business. This is a great opportunity to join a new security focussed squad within their forward-thinking engineering team you will have a unique opportunity to shape what security means to the business. As a passionate security advocate, you will navigate complex challenges and approach platform design pragmatically. Leverage modern tools, languages, and platforms to contribute to efficient, secure, and scalable delivery of high-performance products.

    Main responsibilities:

    • Work within a newly formed Security squad to continuously improve security posture within their cloud estate.
    • Consult, advocate, and teach security best practice across engineering.
    • Utilise modern tooling to shift security left, collaborating closely with development teams to ensure security is addressed early in the development lifecycle.
    • Review security best practice, remediating and implementing controls to ensure compliance.
    • Implementing security gates within the CI/CD workflows to ensure secure deployments.
    • Write Infrastructure-as-code to build secure infrastructure repeatedly.
    • Proactively patch infrastructure and code.
    • Engage in debates around processes and methodologies, actively contributing fresh ideas and challenging the status quo. You'll embrace a culture of psychological safety, confidently voicing opinions to achieve quality standards.
    • Leverage managed services (where appropriate) to enable the team to focus on delivering core business value.

    Skills Required:

    • Proven previous experience gained working within a similar Dev SecOps engineering position.
    • Strong experience securing cloud platforms, primarily AWS and Mongo Atlas.
    • Exposure to Audits/Compliance/Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM).
    • Knowledge of embedded security (IDE plugins, SAST, DAST, SCA).
    • Experience performing vulnerability scanning/penetration testing.
    • Threat detection and prevention (IDS, IPS, SOC, Threat list blocking, WAF/SIEM).
    • Cloud account management (e.g. AWS Control Tower/GuardDuty/Config/Security Hub/CloudTrail).
    • Identity management (e.g. SAML/OAuth/OIDC/AWS IAM).
    • Secret management (e.g. AWS Secrets Manager, Parameter Store).
    • Patch management (Security updates/ AWS SSM / Dependabot).

    For any further queries regarding the role, please contact Danny Palmer at