Platform Security Engineer / DevSecOps – Kubernetes – £60k to £100k
Platform Security Engineer / DevSecOps
Kubernetes / Terraform
CISSP / CISM / CISMP / CISA / ISSMP
£60,000 – £100,000 per annum + Additional Benefits
Our prestigious client is currently sourcing a Platform Security Engineer / DevSecOps engineer to join their expanding team, specialising in Platform Security, IT Security, Privacy and Automation. This role will be based in the London area and working for our market leading client. As the Platform Security Engineer / DevSecOps you will be taking an integral role within the Technology Division and play a major role in the automated application development & delivery lifecycle for software releases across the enterprise
- Automate, automate, automate
- Design and build our clients next generation cloud platform aligning security, compliance, performance and resilience within agreed budgets and business risk boundaries.
- Influence and create new designs, architectures, standards and methods for distributed systems, with a strong bias towards Security as Code’
- Design and build automated vulnerability scan and remediation pipeline
- Develop processes that produce artefacts to support security & compliance requirements
- Build and maintain an auditing and reporting framework that produces artifacts to support security and compliance needs
- Design and maintain security event monitoring, logging & alerting framework
- Develop automated monitoring & alerting for live services and respond quickly and effectively to any problems
- Solve problems relating to mission critical services and building automation to prevent problem recurrence; with the goal of automating response to all non-exceptional service conditions
- Work with security partners to ensure penetration testing happens and remedial actions are completed quickly & effectively
- Embrace the feedback loop’ by engaging with various engineering teams to transform concepts, requirements for services and tools
- Work collaboratively with all participants in software development activities and be supportive of developers and testers as they move code through their build dev/test environments.
- Work with the client’s development community to improve the software engineering processes and practices associated with continuously building, deploying, and updating software and environments.
- Occasional on-call duties to provide application support, incident management, and troubleshooting
Expert understanding of
Experience and sound knowledge of
- Google Cloud Platform
• Comfort with code
• Good understanding of cyber threat intelligence and management programmes.
• Good understanding of security programmes to address risks including patching, secure build, vulnerability scanning and remediation, logging and monitoring, threat management and user awareness.
• A desire to learn from incidents and the ability to translate those lessons into practical process and/or control changes.
• Experience with data analysis – extracting information from large sets of data and finding patterns, especially relating to high-severity vulnerabilities.
• Have strong communication skills and ability to articulate complex and technical concepts to
• non-technical audiences.
• Create robust and scalable multi-region solutions to accommodate our growing user base.
• Continuous delivery – principles and pragmatics of dealing with build pipelines, artefact repositories, zero-downtime deployment and so on
• Security related qualifications such as CISSP, CISM, CISMP, CISA, ISSMP, ISO27001 lead implementer or auditor, MBCI, IAPP
• Kubernetes CRD controller experience
• Jenkins scripted pipelines experience
• GCP experience