Job Description

Role: DevSecOps Engineer

Location: Leeds

Mode: Onsite

Type: Contract

:

Overview

:
We are seeking a skilled

DevSecOps Engineer

to join our team and strengthen our security practices throughout the CI/CD pipeline. In this role, you will implement secure coding practices, perform security testing, and automate security workflows to ensure the protection of our cloud infrastructure, applications, and data.

Key Responsibilities

:

Integrate

DevSecOps

practices into CI/CD pipelines to enable secure software development. Perform

SAST

,

DAST

, and

SCA

to identify vulnerabilities during development and deployment phases. Establish

Quality Gates

to ensure security standards are met before code is released. Conduct

penetration testing

and implement

auto remediation

measures. Leverage

Infrastructure as Code (IaC)

tools like

Terraform

,

Ansible

, and

CloudFormation

for secure infrastructure provisioning. Manage

Cloud Security

best practices across AWS, Azure, or GCP environments. Ensure

Container Security

for Docker and Kubernetes environments. Implement

Secrets Management

for safe handling of sensitive data. Monitor and log security events across platforms, ensuring proactive security measures. Perform

Threat Modeling

and apply

Secure Coding Practices

to mitigate risks early.

Required Skills & Experience

:

Hands-on experience with

CI/CD

,

SAST

,

DAST

,

SCA

tools. Expertise in

Terraform

,

Ansible

,

CloudFormation

for IaC. Strong background in

Cloud Security

(AWS, Azure, GCP). Familiarity with

Container Security

and

Secrets Management

. Experience with

Penetration Testing

,

Monitoring & Logging

, and

Threat Modeling

. Knowledge of

Secure Coding Practices

and

Auto Remediation

techniques.
Job Type: Fixed term contract
Contract length: 6 months

Pay: 300.00-400.00 per day

Experience:

DevSecOps: 5 years (required) CI/CD: 4 years (required) SAST / DAST / SCA: 3 years (required) Quality Gates: 2 years (required) Penetration Testing: 3 years (required) Terraform / Ansible / CloudFormation: 3 years (required) Container Security: 3 years (required) * Threat Modeling: 2 years (required)