Job Description

Tasks



DEVOPS LEAD

Location:

London



2months+ contract with possible extension



We are seeking a highly experienced DevSecOps & IaC Lead to drive enterprise-wide DevSecOps transformation and Infrastructure?as?Code implementation during the migration of large-scale on?prem systems to AWS cloud.



This role requires deep expertise across CI/CD pipelines, security automation, cloud-native DevOps tooling, third-party DevSecOps platforms, and large-scale IaC governance.



Key Responsibilities



1. DevSecOps Strategy & Cloud Migration Leadership



Lead the DevSecOps transformation for applications and platforms migrating from on?prem to AWS. Build a roadmap for CI/CD modernization, security automation, and cloud-ready pipelines. Ensure DevSecOps practices support lift & shift, replatforming, containerization, and modernization migration patterns. Collaborate with cloud, application, SRE, and security teams to ensure DevSecOps maturity improves during and after migration.

1. Infrastructure?as?Code (IaC) Architecture & Governance



Define enterprise IaC standards using tools such as Terraform, CloudFormation, CDK, Ansible, and GitOps practices. Lead IaC implementation for AWS landing zones, networking, security, containers, and application infrastructure. Establish modular IaC patterns, reusable blueprints, guardrails, and governance frameworks. Drive full lifecycle IaC adoption: provisioning ? configuration ? drift control ? compliance.

1. Cloud?Native & Third?Party DevSecOps Tooling Integration



Architect and integrate DevSecOps toolchains across cloud and on?prem ecosystems, including: CI/CD: GitHub Actions, GitLab, Jenkins, Azure DevOps Security: Snyk, Checkmarx, SonarQube, Prisma Cloud, Aqua, Twistlock Containers: EKS, ECS, ECR, Helm, ArgoCD, Flux Secrets & identity: AWS Secrets Manager, HashiCorp Vault Compliance: AWS Security Hub, GuardDuty, OPA/Conftest, Checkov Ensure deep integration between security scanning, artifact repositories, code quality, and deployment automation.

1. Security Automation & Shift?Left Enablement



Implement "security-by-default" and "shift-left" practices across the software lifecycle. Automate: SAST/DAST Dependency & container image scanning Policy-as-code (Rego/OPA) Secrets scanning Infrastructure compliance Establish secure CI/CD pipeline patterns covering application, container, and infrastructure layers.

1. Observability, Reliability & DevOps Excellence



Partner with SRE, platform, and cloud teams to embed monitoring, logging, tracing, and auditability into pipelines. Implement automated quality gates, blue?green/canary deployments, and progressive delivery strategies. Standardize operational best practices through automation, runbooks, and deployment frameworks.

1. Governance, Risk, Automation & Compliance



Ensure all DevSecOps and IaC pipelines comply with enterprise security, audit, and regulatory requirements. Define DevSecOps maturity KPIs (deployment frequency, MTTR, security findings, drift metrics). Build automated governance controls for release management, security enforcement, and compliance checks. Drive adoption of secure cloud operating models across all stakeholders.

1. Leadership & Stakeholder Management



Lead cross-functional DevSecOps squads and mentor engineers on DevSecOps, IaC, and cloud automation practices. Work with program managers to ensure DevSecOps readiness across all migration waves. Communicate progress, risks, and technical decisions to senior leadership and architecture boards. Provide strategic input on enterprise cloud engineering standards and transformation roadmap.

Security & Compliance Skills



Strong understanding of cloud security principles: IAM, KMS, encryption, zero trust, least privilege. Experience implementing policy-as-code and pipeline security controls. Understanding of CIS benchmarks, NIST, ISO27001, compliance frameworks.

Cloud Migration Skills



Direct experience supporting large-scale on?prem to AWS migrations. Strong understanding of migration waves, application onboarding, and pipeline modernization.

Requirements



Required Skills & Experience



Technical Expertise



14+ years of experience in DevOps, platform engineering, cloud automation, or infrastructure engineering. Strong hands-on experience with AWS cloud services, CI/CD, IaC, and security automation. Expertise in: Terraform, CloudFormation, CDK, Ansible Docker, Kubernetes, EKS/ECS, Helm, GitOps GitHub/GitLab/Azure DevOps/Jenkins pipelines Security tools: Snyk, Checkmarx, SonarQube, Prisma Cloud, Vault Logging/observability platforms (CloudWatch, ELK, Datadog)

Preferred Qualifications



AWS DevOps Engineer - Professional AWS Solutions Architect - Associate/Professional HashiCorp Terraform Certification Kubernetes certifications (CKAD, CKA, CKS) * DevSecOps or SRE certifications (nice-to-have)