DevOps Specialist

Job Description

Location: [UK]
SC Cleared: Required
Job Type: Full-Time
Experience: 14-17 years

Job description:
We are seeking a talented and experienced DevSecOps Specialist to join our team. The DevSecOps Specialist will play a crucial role in implementing and maintaining secure and efficient DevSecOps practices across our organization. The successful candidate will collaborate with cross-functional teams to automate and streamline our software development and deployment processes while ensuring the security and compliance of our systems.

Key Responsibilities:

DevSecOps Implementation:
Lead the implementation of DevSecOps practices and methodologies across the organization.
Design and implement automated CI/CD pipelines to enable rapid and reliable software delivery.

Integrate security controls and compliance checks into the software development lifecycle.

Infrastructure Automation:
Implement infrastructure as code (IaC) practices using tools such as Terraform, Ansible, or Puppet.

Automate the provisioning and configuration of infrastructure resources on cloud platforms such as AWS, Azure, or Google Cloud Platform.

Security and Compliance:
Implement security best practices and standards, including secure coding practices, vulnerability management, and identity and access management (IAM).

Conduct security assessments and audits to identify and remediate security vulnerabilities and compliance issues.

Ensure compliance with regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI DSS).

Monitoring and Incident Response:
Implement monitoring and alerting solutions to detect and respond to security incidents and anomalies.

Develop and maintain incident response plans and procedures.

Conduct post-incident reviews and analysis to identify lessons learned and improve incident response processes.

Collaboration and Communication:
Collaborate with development, operations, and security teams to align DevSecOps practices with organizational goals and objectives.

Communicate DevSecOps principles and best practices to technical and non-technical stakeholders.

Provide training and support to teams on DevSecOps tools and practices.

Qualifications:
Bachelor’s or Master’s degree in Computer Science, Information Technology, or related field.

5+ years of experience in DevOps, security engineering, or related roles.

Strong understanding of DevSecOps principles and practices.

Experience with CI/CD tools such as Jenkins, GitLab CI/CD, or Azure DevOps.

Proficiency in scripting and automation using languages such as Python, Shell, or PowerShell.

Knowledge of cloud platforms and services (e.g., AWS, Azure, Google Cloud Platform).

Familiarity with security tools and technologies (e.g., SIEM, IDS/IPS, WAF).

Excellent analytical, problem-solving, and communication skills.

Relevant certifications such as Certified DevSecOps Engineer (CDSE) or Certified Information Systems Security Professional (CISSP) are a plus.

Key Competencies:
DevSecOps implementation and automation

Infrastructure as code (IaC) and configuration management

Security and compliance management

Incident response and monitoring

Collaboration and communication skills

Training and support