Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to integrate security into DevOps and automate security measures.
- Company: Watchfinder & Co. is the leading specialist in premium pre-owned watches since 2002.
- Benefits: Enjoy private healthcare, dental cover, and an increasing holiday scheme.
- Why this job: Be part of a supportive team culture focused on personal growth and career development.
- Qualifications: 3-5 years in DevSecOps with knowledge of security frameworks like OWASP and Snyk.
- Other info: Work closely with talented teams and stay updated with cutting-edge security tools.
The predicted salary is between 36000 - 60000 £ per year.
Since Watchfinder & Co. was first founded in 2002, it has grown to become the premier resource from which to buy and sell premium pre-owned watches. With thousands of watches available from more than 50 brands, including Rolex, Omega, IWC and more, plus boutiques across the UK and a manufacturer certified service centre, Watchfinder has established itself as the top pre-owned watch specialist.
We’re looking for an experienced, highly motivated DevSecOps Engineer to help ensure the security and efficiency of the software products produced by our growing Technology team and organization. As a DevSecOps Engineer within the Development team here at Watchfinder, you will integrate security practices into the DevOps processes, automate security measures, and monitor/manage security incidents across Watchfinder products. We’re looking for an individual who puts security first and sees the value in a robust DevSecOps process.
You will work closely with the Dev Team Lead and the wider development team to understand project requirements to implement and maintain security measures. A problem solver, with an eye for detail and the ability to think of scenarios that others might not. You will own the security of the user journey from planning phase to the release to the live environment.
Key Responsibilities:- Integrating security practices into the DevOps lifecycle
- Automating security measures and processes
- Assist the Development, Engineering & Product teams within Squads in assessing and improving security of the applications
- Work with developers and support personnel to identify security vulnerabilities and raise issues where appropriate
- Monitor progress of projects and security incident triage
- Participate in feature planning sessions, release activities, development and project meetings
- Understanding and maintaining software security for features built by defining security plans and approaches ensuring comprehensive security testing is completed
- Working closely with the Product team to fully understand the business requirements to ensure security plans are fit for purpose and are fully scoped with timelines for completion
- Ensure that all documentation such as written security plans and scripts are all completed
- Staying abreast with the latest, state-of-the-art security tools and automation platforms/techniques
- Ensure delivery of high standards, documentation, and service levels
- 3-5 years’ experience in DevSecOps or related roles
- Knowledge and working experience of security frameworks and tools - OWASP, Snyk, etc.
- Good team player and able to work on own initiative
- Proven experience in mentoring other team members
- Proven ability of establishing strong, effective working relationships at all levels
- Strong organization, accuracy, and attention to detail
- Strong sense of urgency and dedicated work ethic
- Ability to work under tight deadlines and to prioritize under pressure
- Knowledge of development, security, and quality assurance best practices and methodologies
- Ability to receive and relay information through written and verbal communication
- Ability to think outside the box e.g. Edge cases
- Security tools: WIZ, Snyk, KICS, Qodana
- Linters and formatters: ESLint, dprint, Biome, semantic versioning, conventional commits
- Familiarity with DataDog or Site 24x7 is a bonus
- Familiarity with API Security, Container Security, AWS Cloud Security
- Familiarity with Amazon AWS Policy, Configuration, WAF, GuardDuty and Security Management tools
- Certified Information Systems Security Professional (CISSP) or similar certification
Why work for Watchfinder? Firstly, what makes Watchfinder a great place to work is the people! Whether that be within your immediate team or across other areas of the business, there really is a family feel across the whole company. If personal growth and development is high on your priority list, then Watchfinder is the place for you. We’ve had numerous success stories throughout the business of our staff furthering and developing their careers, proving to be integral contributors to the company. To be part of this exciting journey, apply now!
Our Benefits & Incentives:As well as a competitive salary we also offer a great benefits package: Private healthcare and dental, Holiday scheme – Increasing annual leave.
DevSecOps Engineer employer: Richemont
Contact Detail:
Richemont Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land DevSecOps Engineer
✨Tip Number 1
Familiarise yourself with the specific security frameworks and tools mentioned in the job description, such as OWASP and Snyk. Being able to discuss your hands-on experience with these tools during an interview will demonstrate your readiness for the role.
✨Tip Number 2
Showcase your problem-solving skills by preparing examples of past projects where you identified and resolved security vulnerabilities. This will highlight your proactive approach and ability to think outside the box, which is crucial for a DevSecOps Engineer.
✨Tip Number 3
Engage with the latest trends in security tools and automation platforms. Being knowledgeable about state-of-the-art techniques will not only impress your interviewers but also show that you are committed to continuous learning in the field.
✨Tip Number 4
Network with current or former employees of Watchfinder on platforms like LinkedIn. Gaining insights into the company culture and expectations can give you an edge in interviews and help you tailor your responses to align with their values.
We think you need these skills to ace DevSecOps Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in DevSecOps and security frameworks. Use keywords from the job description, such as 'automating security measures' and 'monitoring security incidents', to demonstrate your fit for the role.
Craft a Compelling Cover Letter: In your cover letter, express your passion for security in software development. Mention specific tools and frameworks you have experience with, like OWASP or Snyk, and how you've successfully integrated security practices in previous roles.
Showcase Problem-Solving Skills: Provide examples of how you've identified and resolved security vulnerabilities in past projects. Highlight your ability to think outside the box and detail any edge cases you've encountered and addressed.
Highlight Team Collaboration: Emphasise your experience working closely with development teams. Discuss how you've collaborated with others to improve application security and how you’ve mentored team members in best practices.
How to prepare for a job interview at Richemont
✨Showcase Your Security Knowledge
Make sure to brush up on security frameworks and tools like OWASP and Snyk. Be prepared to discuss how you've integrated security practices into DevOps processes in your previous roles.
✨Demonstrate Problem-Solving Skills
Prepare examples of how you've identified and resolved security vulnerabilities in past projects. Highlight your ability to think outside the box and consider edge cases that others might overlook.
✨Emphasise Team Collaboration
Since this role involves working closely with various teams, be ready to talk about your experience in collaborating with developers and product teams. Share instances where you’ve successfully mentored team members or improved team dynamics.
✨Stay Updated on Security Trends
Familiarise yourself with the latest security tools and automation techniques. Mention any recent developments in the field that you find interesting, as this shows your commitment to staying current in the industry.
