Lead Application Security Engineer - Elliott James

Job Description

A leading global investment management firm is seeking a talented DevSecOps Engineer to join their elite Technology team. This is your chance to champion a security-first culture and protect the integrity of our world-class platform.

The Role:

In this pivotal role, you will work at the intersection of development, operations, and security. You’ll be instrumental in designing, implementing, and managing a robust DevSecOps framework, seamlessly integrating cutting-edge security tools and practices into our CI/CD workflows. Your work will be critical in empowering our developers and safeguarding our assets.

What You’ll Do:

    • Design, implement, and manage a comprehensive DevSecOps framework to enhance the developer experience.
    • Champion a security-first mindset, promoting secure coding practices and providing expert guidance across development teams.
    • Develop security-focused policies, standards, and training programmes to elevate our security posture.
    • Create and monitor Key Risk Indicators (KRIs) to measure progress and identify areas for improvement.
    • Implement and manage security testing tools (SAST, DAST, SCA, OSS) within our CI/CD pipelines.
    • Automate security controls and compliance checks to ensure adherence to industry best practices and regulatory requirements.
    • Troubleshoot and resolve complex security issues throughout the software development lifecycle.
    • Proactively research emerging threats and vulnerabilities to continuously refine our security practices.

What We’re Looking For:

    • 7–10 years of experience in software development, DevOps, or security engineering, with a demonstrable focus on DevSecOps practices.
    • Expertise in CI/CD tools such as GitHub, Jenkins, GitLab CI/CD, or Azure DevOps.
    • Proficiency in infrastructure-as-code tools like Terraform or CloudFormation.
    • Strong scripting and automation skills using Python, Bash, or similar languages.
    • Hands-on experience with security testing tools such as SonarQube, Snyk, Nessus, or Qualys.
    • Familiarity with containerisation and orchestration technologies like Docker and Kubernetes.
    • Solid knowledge of security best practices for cloud environments (AWS, Azure, GCP).
    • An understanding of security frameworks and standards such as NIST CSF, ISO 27001, or SOC 2.
    • Excellent communication and collaboration skills, with the ability to thrive in a fast-paced, agile environment.
    • An unwavering commitment to the highest ethical standards.

Why Join Us?

This is a unique opportunity to make a tangible impact within a world-class technology organisation that prioritises innovation and integrity. We offer a highly competitive compensation and benefits package, significant opportunities for professional development, and the chance to collaborate with some of the brightest minds in the industry.

Location:
London
Category:
Technology
