DevSecOps Engineer

Job Description:

We're looking for a hands-on DevSecOps Engineer to take ownership of application and cloud security across a modern, Azure-first product environment. This is a product-focused security role, sitting at the intersection of development, DevOps and security, helping teams understand why vulnerabilities exist and how to fix them properly.

The foundations are already strong, with regular external penetration testing, positive audit outcomes, and mature security tooling are in place. Your role is to raise the bar further, embedding security deeper into how products are built, configured and deployed.

You'll be the subject matter owner for DevSecOps, working closely with developers, DevOps and product teams to improve security posture through insight, automation and education.
 
The role:

• Act as the DevSecOps lead, owning application and cloud security practices across the business
• Analyse outputs from SAST and DAST tools (e.g. Snyk, BrightSec), understanding vulnerabilities at a low level and advising development teams on remediation
• Work closely with DevOps to ensure secure configuration and deployment within Azure (including Azure Front Door, WAF, Defender for Cloud, Sentinel)
• Support and interpret results from ITHC (UK Government-standard) penetration tests, ensuring findings are understood and remediated across product and platform teams
• Embed security controls and testing into CI/CD pipelines, improving automation and consistency
• Help educate and uplift DevOps and engineering teams on secure practices where needed
• Collaborate with external security partners, audits and penetration testing providers
• Investigate and support resolution of security issues raised via customers or automated alerts
• Provide security input into customer discussions alongside sales and consultancy teams

About you:

• Comfortable operating as a solo SME, owning the subject, partnering with the business and third parties
• Experienced with working in a software house and product led environment
• Strong background and understanding of Azure
• Ability to share knowledge and educate the wider team on best practices
• Ideally with a background who has tight security principles
• Full UK right to work required without restrictions, successful candidate will be taken through clearance checking 

 
Nottingham based office, hybrid working with minimum 2x office days per week.
Salary £60,000 - £65,000 + benefits
Permanent opportunity

* Full UK right to work required as successful candidate will be taken through clearance checking *