Negotiable
DevSecOps SME
Location: London (Hybrid)
Contract: 6 Months
IR35 Status: Inside IR35
Our client, a leading investment bank, is seeking an experienced DevSecOps SME to join their team.
This role will lead and advise on integrating security practices into DevOps pipelines. The ideal candidate will have deep expertise across development, security, and operations, with a strong focus on automation, CI/CD, and secure software development lifecycle (SDLC) practices.
Key Responsibilities
- Lead the integration of security into CI/CD pipelines.
- Advise on secure coding and deployment practices across teams.
- Implement and enforce security policies, standards, and best practices.
- Conduct threat modeling, risk assessments, and vulnerability management.
- Mentor and train teams on DevSecOps principles and tools.
Skills & Experience Required
- CI/CD Security Engineering: Proven experience designing and maintaining secure CI/CD pipelines.
- DevSecOps Tool Integration: Hands-on experience with SAST, DAST, SCA, and secrets management tools.
- Cross-Functional Collaboration: Ability to work closely with development, operations, and security teams.
- Threat Modeling & Risk Assessment: Strong knowledge of security risk management.
- Cloud & Container Security: Expertise in AWS, Azure, GCP, Docker, and Kubernetes.
- Security Governance: Experience developing and enforcing security standards.
- Incident Response Leadership: Skilled in leading incident response and root cause analysis.
- Training & Mentorship: Ability to upskill teams on DevSecOps best practices.
Please apply with your updated CV if the role is of interest