Security/DevSecOps Lead - Remote (UK)

Posted 16 June by Profile 29

Job; Security/DevSecOps Lead - Remote (UK)

This company, headquartered in London is growing fast (they’ve recently announced a $2 billion SPAC deal to go public on NASDAQ). To underpin this growth, they’re heavily investing in growing their team. They’re looking for skilled and confident individuals to join them in the delivery and success of their flagship product, which addresses a global market for consumer mobile engagement and mobile commerce.

They are looking for an experienced Security/DevSecOps Lead to join their growing team. This is a Technical Hands-On Engineering role with growth potential within their organisation for the right candidate. The role is centred around core operational security, technical engineering and consultancy for enhancements of security for their technology-driven capabilities. You will be reporting directly to their CISO and will be an integral part of their Information Security and DevSecOps team for design, implementation, and development and delivery.


  • Lead compliance assessment and review of SaaS environments based on AWS, Azure, etc to document and report key control requirements against industry standard, gaps and remediations including contribution to remediation plans
  • Be an integral part of Security Engineering for projects and solutions, including design, implementation, ongoing development and operations of platforms such as IDAM, SIEM, Firewalls, Security testing, IDS/IPS, Mobile Device Management, Single Sign-On and Endpoint Security solutions
  • Provide Security Engineering response to Production incidents and Problem investigations as part of their Dev Sec-Ops function.
  • Working with both technical and non-technical stakeholders, establish yourself as their Security Engineering SME for components of the Information Security Toolset
  • Work within their Information Security team to formulate solutions and services that create and maintain appropriate operational security measures and capabilities to protect against unauthorised access to electronically stored and/or transmitted information and to protect against anticipated and cutting-edge threats and vulnerabilities
  • Continually assess potential information security risks within these environments and identify actions to improve the security posture of their organisation
  • Contribute to development of their organisation’s security architecture roadmap
  • Research new security-related technologies and advancements, and identify opportunities for continual improvement, providing recommendations for ongoing improvements to their organisation against its roadmap
  • Maintain detailed sets of operational documentation for all Security systems
  • Devise reports and reporting schedule and report on health of security systems and organisation's technical security posture
  • Support incident management and response for technology security events
  • Actively Support their organisation's Information Security management system through security configuration and automation

Required technical knowledge and experience:

  • AWS - ideally with certification
  • Familiarity with industry security configuration standards and regulations; PCI/DSS, SOX 404, ISO27001
  • Strong technical hands-on experience within security engineering, with skills in solution design and implementation and Audit
  • Demonstrated experience with their management and development of data analysis platforms, presentation, alerting, technical audit, reporting and application security
  • Extensive experience and in-depth understanding of the design, deployment, operational support, audit and reporting of security technologies, e.g., SaaS Cloud security tools for IDAM, SIEM, Firewalls, Security testing, IDS/IPS, Single Sign-On, as well as Mobile Device Management and Endpoint Security solutions
  • Experience with Cloud Security technologies, Data Loss Prevention platforms, and Security Orchestration, Automation and Response implementation
  • Experience with Atlassian (Jira, Confluence), Rancher, GitHub, Microsoft’s, AD, Compliance / Security Centre, Admin online, SharePoint, etc.

As an ideal candidate;

  • You will have industry certification such as CISSP/CISM/CRISC and have expert knowledge of security operations, Information Security engineering principles & GRC Information Security.
  • Technical qualifications in Azure or Cloud security are advantageous but not a key requirement.

Other Stuff;

  • £’s; fully DoE approx. £60k-£90k (neg.) + benefits,
  • Location; fully remote / work from home,
  • Interested? Please send your (Word doc) CV,
  • Please only apply if you already have a UK NI number & the ability to work in the UK indefinitely & without sponsorship
  • Not for you but you know someone suitable? - Profile 29 can pay a referral fee,
  • Visit our website for lists of all current job opportunities,

In accordance with GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29’s privacy policy can be found at: profile-29 .com/privacy)

Profile 29 recruitment keywords; DevSecOps dev sec ops Devops ISO27001 SOX 404 SOX404 PCIDSS PCI-DSS PCI DSS security AWS London home based remote hybrid ecommerce mcommerce software SaaS cloud

Application questions

Do you already have a UK NI number?
Do you have the ability to work in the UK indefinitely & without sponsorship?

Reference: 47208150

Bank or payment details should never be provided when applying for a job. For information on how to stay safe in your job search, visit SAFERjobs.

Report this job