Lead DevSecOps Engineer - SC Cleared

Lead DevSecOps Engineer - SC Cleared

Rate: -600 - -645 a day

IR35 Status: Inside IR35

Clearance required: MOD SC

Location: Office visits to London circa once a week

You will join a global IT Consultancy delivering digital transformation to the MoD. As an experienced, client-facing Lead DevSecOps Engineer you will drive and coordinate DevSecOps practices across multiple digital products. Products will be deployed across the MOD digital estate (MODCloud), including MOD''s instances of Microsoft Azure (MODCloud ACE / i-ACE), AWS (MODCloud ICE) and Oracle Cloud Infrastructure (OCI / MODCloud OCE).

You will embed security, compliance and automation into the software delivery lifecycle, ensuring platforms and applications meet stringent security and operational standards. You will also establish consistent, documented processes used by DevSecOps engineers across each environment, including a coordinated approach for releasing updates across the integrated set of products and platforms in scope.

This role requires deep expertise in CI/CD pipelines, delivery workflows and security tooling across these cloud environments, alongside strong collaboration with developers, DevSecOps engineers, infrastructure engineers and test teams.

Key Responsibilities

• Design, implement, document and continuously improve DevSecOps practices across the delivery teams, including:
• Secure, automated CI/CD pipelines
• Security scanning integrated into build, test and deployment workflows
• Vulnerability lifecycle management, including allowlist processes and risk acceptance where required
• Secrets management and identity/access management
• Policy enforcement for workloads, container images and infrastructure
• Observability, monitoring, logging and audit controls

• Partner with developers to embed secure-by-design engineering and ensure compliance with MOD security standards.
• Enable and govern Infrastructure as Code (IaC) practices across teams and environments.
• Contribute to incident response, patching cycles and compliance reporting, ensuring lessons learned are captured and actions tracked.
• Document security processes, controls and operational runbooks in Confluence.

Key Skills and Experience

• Proven experience as a DevSecOps Lead, establishing and operating DevSecOps ways of working and associated tooling across the following areas (hands-on and leading others):
• CI/CD and GitOps (e.g. GitHub Actions, Argo CD, Argo Rollouts)
• Security and compliance tooling (e.g. Trivy scanning and vulnerability management, HashiCorp Vault, cert-manager)
• Containers and orchestration (e.g. Docker, AWS EKS)
• Infrastructure as Code (e.g. Terraform)
• Observability (e.g. Grafana, Loki)
• Scripting and automation (e.g. Python, Bash)
• Cloud and networking fundamentals (e.g. AWS IAM, S3, network policies)
• Experience delivering within the UK Government Digital Service (GDS) lifecycle on a public sector engagement.
• Experience working with and leading distributed and hybrid teams.
• Demonstrated ability to work across cross-functional teams, particularly with developers, testers and DevSecOps engineers.
• Strong facilitation, communication and stakeholder management skills, with experience influencing at multiple levels.