DevSecOps Engineer

Company Description

The British Airways (BA) IT Operations team is part of BA Digital within the International Airlines Group (IAG), one of the world’s leading airline groups and owner of some of the biggest brands in the sky.

Our vision is to become the most trusted digital airline. We seek to delight our customers, enable our colleagues, accelerate business performance, increase shareholder value, and protect our business through the innovative and agile use of technology and data.

To harness our full potential across our customer, operational and colleague journeys, as well as our enabling domains, platforms and programmes, we are changing our ways of working and transitioning into a product-led organisation at scale.

Together, we are building a better BA.

Job Description

This is a key hire for the team and we are looking for a candidate who can implement and maintain state of the art industry practices for making applications as secure as possible whilst also improving developer efficiency. Working closely with cyber and product teams you will perform a critical role in terms of ensuring that the company’s products are built with security considerations from the ground up.

As a DevSecOps Engineer you will focus on AWS hosted services, including Production, Development and Test environments. Constructing and maintaining the CI/CD pipelines will be among your main responsibilities. You will help the adoption of shift-left approach when participating in Continuous Delivery and adhering to standards and conventions outlined as part of quality and security measures.

Key Responsibilities and Tasks:

• Infrastructure provisioning, management?and optimisation through code.
• Collaborate with Cyber and other stakeholders in order to develop and implement security policies and procedures.?
• Automate workflows to help push the limit of the infrastructure and enable continuous delivery of capabilities onto a hybrid infrastructure.?
• Build, maintain and monitor CI/CD pipelines and collaborate with software engineers to ensure that security standards are met throughout the software development lifecycle.??
• Conduct Code Reviews and utilize Static Code Analysis to identify and mitigate security risks in software code.
• Implement monitoring and threat detection tools and practices to proactively identify and resolve performance issues and bottlenecks.
• Troubleshoot issues until root causes are understood on high traffic production systems, participate in design and review processes, interact with product owners to coordinate infrastructure changes.?
• Collaborate with vendors throughout the development, installation, and troubleshooting of application systems and software to enhance the performance of supported applications.
• Utilize experience to evaluate and assess new ways to scale platform capabilities.?
• Drive continuous improvements, actively participating in projects and service enhancements.

This role may require some travel and working from multiple sites/locations within UK and internationally. You must be willing and able to travel to participate in meetings, workshops and other related activities.

Qualifications

• A bachelor's degree in computer science, Cybersecurity, or a related field Desired Qualification
• Recognised architecture qualification desirable

Skills & Experience

• Experience in Infrastructure as Code (IaC) automations in CI/CD and AWS/Azure environments using Terraform.
• Extensive production experience using AWS and/or Azure technology stack, including Web apps, traffic manager, serverless functions, CDN, application insights, CloudWatch, pipelines, storage and security.
• Experience with implementing and maintaining Zero-Trust concepts and policy enforcement.?
• Understanding of software development methodologies and programming languages.?
• Deep knowledge of continuous integration and delivery tooling such as Github, ArgoCD, Docker, Kubernetes and Terraform.??
• Understanding and experience using or deploying device-based trust applications (Okta Verify, Google Beyondcorp, Cloudflare Zero Trust, etc).?
• Extensive knowledge of RBAC/ABAC concepts and operating policies.?
• Excellent technical documentation and KB writing skills with the ability to contribute and present to developer communities.?
• Work independently and organized, with the ability to prioritize a busy workload.?
• Ability to collaborate with cross-functional team members that are dependencies to meet the customers need.?
• Advanced level of technical troubleshooting experience for incident responses/planning.?
• Experience of working within a regulated industry or working with standards and compliance frameworks is desirable.