Dev SecOps Engineer

Dev SecOps Engineer

Bath - Fully Remote

£60,000 - £70,000 + benefits

Fantastic new permanent opportunity for an experienced Dev SecOps Engineer with fast growing specialist Fintech business. This is a great opportunity to join a new security focussed squad within their forward-thinking engineering team you will have a unique opportunity to shape what security means to the business. As a passionate security advocate, you will navigate complex challenges and approach platform design pragmatically. Leverage modern tools, languages, and platforms to contribute to efficient, secure, and scalable delivery of high-performance products.

Main responsibilities:

• Work within a newly formed Security squad to continuously improve security posture within their cloud estate.
• Consult, advocate, and teach security best practice across engineering.
• Utilise modern tooling to shift security left, collaborating closely with development teams to ensure security is addressed early in the development lifecycle.
• Review security best practice, remediating and implementing controls to ensure compliance.
• Implementing security gates within the CI/CD workflows to ensure secure deployments.
• Write Infrastructure-as-code to build secure infrastructure repeatedly.
• Proactively patch infrastructure and code.
• Engage in debates around processes and methodologies, actively contributing fresh ideas and challenging the status quo. You'll embrace a culture of psychological safety, confidently voicing opinions to achieve quality standards.
• Leverage managed services (where appropriate) to enable the team to focus on delivering core business value.

Skills Required:

• Proven previous experience gained working within a similar Dev SecOps engineering position.
• Strong experience securing cloud platforms, primarily AWS and Mongo Atlas.
• Exposure to Audits/Compliance/Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM).
• Knowledge of embedded security (IDE plugins, SAST, DAST, SCA).
• Experience performing vulnerability scanning/penetration testing.
• Threat detection and prevention (IDS, IPS, SOC, Threat list blocking, WAF/SIEM).
• Cloud account management (e.g. AWS Control Tower/GuardDuty/Config/Security Hub/CloudTrail).
• Identity management (e.g. SAML/OAuth/OIDC/AWS IAM).
• Secret management (e.g. AWS Secrets Manager, Parameter Store).
• Patch management (Security updates/ AWS SSM / Dependabot).

For any further queries regarding the role, please contact Danny Palmer at