Senior DevOps Engineer (Security Focus)

Senior DevOps Engineer (Security focus)

Salary: Up to 100k

Fully remote working (Travel into London office once every few months)

The Role

As a DevOps Engineer you will become an integral part of our wellestablished and expanding team, tasked with designing, building, and securing the company’s multi-cloud environments. Your role will focus on ensuring the development and deployment processes are infused with security principles from the ground up. This includes enhancing efficiency through new platform implementations, automating security processes, and elevating the overall observability and monitoring within our environments.

Operating with a high level of autonomy, you will play a crucial role in realizing our ambitious yet attainable 5-year strategy. We are seeking engineers who are deeply passionate about technology and eager to drive real change. You should possess a willingness to ask challenging questions and address issues that may arise. Embracing a collaborative mindset, you must be open to feedback from your peers, valuing their insights and perspectives.

As a DevOps Engineer, you will have the unique opportunity to blend your expertise in development, operations, and security to create a robust and resilient infrastructure. Your dedication to ensuring the security and stability of our systems will contribute significantly to the company’s continued success in an ever-evolving digital landscape.

Responsibilities:
* Security Integration: Integrate security practices seamlessly into the development and operational processes, ensuring security is considered from the inception of projects to their deployment and maintenance.
* Cloud Security: Implement and maintain security best practices for multi-cloud environments, working across various cloud service providers (GCP/AWS/Azure) to secure cloud-based resources effectively.
* Secure CI/CD Pipelines: Establish and maintain secure Continuous Integration and Continuous Deployment (CI/CD) pipelines, implementing security checks and controls to ensure only trusted and verified code and images are deployed.
* Kubernetes Security: Implement and maintain security best practices for Kubernetes clusters (EKS and GKE), working closely with the Engineering teams to ensure secure container orchestration and management.
* Automation and Tooling: Research, develop and maintain automated security testing, vulnerability scanning, and compliance validation tools to enable continuous monitoring and assessment of the infrastructure and applications.
* Identity and Access Management (IAM): Manage access control mechanisms and enforce least privilege principles across the infrastructure and applications.
* Security Compliance: Ensure compliance with relevant security standards, industry regulations, and internal security policies, regularly assessing and reporting on security posture.
* Incident Response: Participate in incident response and remediation efforts, investigating security incidents, and developing strategies to prevent their recurrence.
* Security Monitoring and Logging: Implement robust security monitoring and logging solutions to detect and respond to security events effectively.
* Infrastructure Security: Evaluate and enhance the security of infrastructure components, including servers, network devices, and databases.

Requirements:

Technology Stack: Linux, AWS, GCP, Kubernetes, Terraform, Kafka, FluxCD, JVM, Kotlin, Postgres, Jenkins,
Ansible

Skills needed:
* Strong knowledge and experience in security principles, practices, and frameworks to assess, design, and implement security measures throughout the DevOps Pipeline
* Proficiency in DevOps methodologies and practices, with a deep understanding of CI/CD pipelines, version control, automated testing, and continuous integration and deployment.
* Experience in securing cloud environments, such as AWS, Azure, or GCP, including identity and access management, network security, and data protection.
* Knowledge of container technologies like Docker and Kubernetes and expertise in implementing security measures to ensure secure container orchestration and management.
* Experience with IaC tools such as Terraform to automate infrastructure provisioning and enforce security configurations.
* Experience in implementing security automation through scripting and using tools to perform security testing, vulnerability scanning, and compliance checks.
* Understanding of secure coding principles and ability to collaborate with developers to address security vulnerabilities in the code, build or image.
* Understanding of application security concepts, including secure authentication, authorization, and data validation.
* Experience with security monitoring tools like SIEM (Security Information and Event Management) systems and log analysis for proactive threat detection. Network Security: Understanding of network security principles, including firewalls, VPNs, and intrusion detection/prevention systems.
* Strong experience in network security principles, including firewalls, VPNs, and intrusion detection/prevention systems.
* Experience with incident response procedures and ability to participate in security incident investigations and remediation efforts.

Desirable:
* Knowledge of Service Mesh technologies like Istio or Linkerd, and their role in enhancing security and observability in microservice architectures.
* Ability to perform threat modeling exercises and risk assessments to identify potential security risks and develop strategies for risk mitigation.
* Familiarity with relevant security standards and regulations (e.g., NIST, Cyber Essentials, ISO27001, GDPR etc.) to ensure system and data compliance.
* Experience in conducting security training and awareness programs for team members to promote a security-conscious culture.