DevSecOps Engineer

🔒 Confidential Employer
Posted 25 March 2026
LOCATION
Stone, Staffordshire
TYPE
Full-time
LEVEL
Mid-Senior level
CATEGORY
Technology
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion

SKILLS

DevSecOps Azure Cloud Security CI/CD pipelines Terraform Kubernetes PowerShell Python

FULL DESCRIPTION

DevSecOps Engineer
Location: Stone, Staffordshire Hybrid working, 2 days a week in our Stone Office)
Status: Permanent, Full Time 
Package: Competitive Salary, Flexible Working, Development & Opportunity (Personal & Technical), Private Medical (Optical & Dental options), Matching Contributory Pension, 25 Days Leave + Public Holidays + Buy and Sell Scheme, Life Insurance, Referral Scheme, Employee Assistance Program, Benefits Hub.

What are you responsible for?

•Assess the current security posture of our existing platforms, pipelines and cloud environments 
•Gather and synthesise information across teams to build a clear view of current risks, gaps, and constraints 
•Lead the definition of pragmatic, prioritised improvements to security maturity over time 
•Embed security into platform architecture, infrastructure and CI/CD pipelines across the SDLC 
•Introduce and evolve a practical threat modelling approach appropriate to a mixed legacy and cloud native estate 
•Design, build and improve secure Azure landing zones and shared platform services 
•Ensure migrations from managed data centres into Azure result in measurable security improvements 
•Jointly own security monitoring and detection capabilities with the managed SOC, shaping alerts, workflows, and responsibilities 
•Own and evolve security guardrails using policy as code and automated controls 
•Integrate security testing into delivery pipelines, including code, dependency, container and infrastructure scanning 
•Partner with Platform Engineers to define secure by default patterns and reusable components 
•Work with SREs to align runtime security, observability, and incident response 
•Participate in security incidents and post incident reviews, driving long term corrective actions 
•Enable engineering teams through capture the flag exercises, threat scenarios and handson security learning 
•Provide clear, evidence based security advice to platform, architecture and delivery leadership

Skills, Knowledge, Experience:

  • Strong hands on experience in DevSecOps, platform security or cloud security engineering 
  • Background as a software developer, platform engineer, or architect, with a solid understanding of how real systems are built and delivered is a real advantage 
  • Demonstrable experience working across the full SDLC, including design, development, testing, deployment and operation 
  • Ability to reason about security in the context of application code, infrastructure and runtime behaviour rather than in isolation 
  • Deep experience securing Azure environments, with working knowledge of AWS 
  • Proven experience designing, assessing and evolving secure cloud landing zones 
  • Practical experience applying threat modelling techniques to both new and existing systems 
  • Strong experience integrating security controls and testing into CI/CD pipelines 
  • Solid Infrastructure as Code experience (Terraform, Bicep, ARM, etc.) 
  • Experience securing containers, Kubernetes, and cloud native workloads 
  • Familiarity with modern testing practices, including unit, integration, and security testing and how they fit together 
  • Strong automation and scripting skills (PowerShell, Python, Bash, etc.) 
  • Experience working alongside managed security providers or SOC teams 
Sign up free — access 45,000+ UK sponsor-licensed jobs