DevSec Engineer - Secure DevOps & Cloud (Hybrid)

This is a hybrid role requiring you 4 days on-site in Camden. Kick-start your career in the online gaming world and experience the very latest in technology and innovation.

Who we are

We’re Super Group, the NYSE-listed digital gaming company behind some of the world’s leading Sports and iGaming brands, including Betway and Jackpot City. We’re a powerhouse built on decades of expertise across 22 countries – and with over 2,800 bright minds, we’re changing the game for good. Our mission is to give our customers a superclass entertainment experience.

Who we’re looking for

We’re on a thrilling journey of growth and innovation, and we need passionate, driven individuals to join us. At Super Group, every day is action-packed, and we expect you to bring your A-game. In return, you’ll find a supportive environment where your skills can flourish and your career can soar.

Why we need you

We’re building experiences that wow our customers – and that starts with bold, curious people who want to do work that matters. If you’re hungry to grow, excited by impact and ready for a challenge that will supercharge your career, this could be your moment.

As our DevSec Engineer you’ll play a key part in delivering secure applications and hands-on security support to our developers to ensure they are fixing the right things. Your drive and ideas will help us move faster, improve smarter, and stay ahead of the game. Acting as a technical authority across development, platform, operations, and information security, the DevSec Engineer is a multi-disciplinary engineering role with a focus on application and platform security controls, working closely with development teams to improve security outcomes.

What you’ll do

• Integrate and operate application security controls within CI/CD pipelines, including:
• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)
• Software Composition Analysis (SCA)
• Support secure SDLC practices such as:
• Branch protection and quality gates
• Secure build and release controls
• Artifact integrity and validation checks
• Assist with threat modelling and secure design reviews in collaboration with architecture teams.
• Support developers in vulnerability triage and remediation.
• Tune security tools to reduce false positives and developer friction.
• Support audit, compliance, and evidence generation activities.
• Participate in security incident investigation related to application flaws.
• Ensure secure, compliant approaches are the default and easiest options for development teams to adopt.
• Configure and maintain security tooling integrations within CI/CD systems (e.g. GitHub Actions, GitLab CI, Jenkins, Azure DevOps) under agreed architectural standards.
• Ensure security controls operate consistently across teams and repositories.
• Define and document DevSec security standards, patterns, and decisions.
• Provide evidence and control mappings to support audits, risk assessments, and regulatory reviews.
• Identify and track DevSec-related risks and technical debt, driving remediation through process improvements rather than manual controls.

Stakeholder Collaboration

Influence security outcomes through collaboration and technical leadership rather than enforcement. Contribute to security enablement, awareness, and uplift initiatives focused on cloud-native and container security practices. This list covers your core responsibilities – with plenty of room to stretch, explore and take on new challenges as we grow.

What you’ll bring

• Clear, confident communication (written and verbal), and the ability to breakdown complex ideas.
• A collaborative mindset, working smoothly with cross-functional teams to hit shared goals.
• Strong organisational skills and the ability to manage multiple projects without dropping the ball.
• Exceptional attention to detail and a commitment to high-quality work.
• Adaptability – you stay sharp, productive and positive in fast-moving environments.
• Strong grounding in application security concepts.
• Secure coding knowledge (OWASP Top 10, API security, dependency risk).
• Strong knowledge of SAST, DAST, SCA, and software supply-chain security concepts.
• Strong advocate for enablement-first security. Ability to influence engineering teams through collaboration and technical credibility.
• Hands-on expertise with containers and orchestration platforms (e.g. Docker, Kubernetes).
• Demonstrated experience implementing container security across build, registry, and runtime.
• Proven experience securing CI/CD pipelines and developer toolchains.
• Knowledge of Infrastructure as Code (Terraform, Bicep, CloudFormation, etc.).
• Secrets and key management.
• Cloud identity and access management.
• Solid understanding of information security frameworks (e.g. ISO 27001).
• Experience operating in regulated or audited environments.
• Able to design controls that are auditable without slowing delivery.

Desirable skills you’ve got up your sleeve

• In-depth knowledge of sports betting markets, including odds calculation, betting types and market trends.
• Previous experience in the online gaming or casino industry, with a strong understanding of player behaviour and industry regulations.
• Familiarity with gambling regulations and compliance requirements in various jurisdictions, ensuring adherence to legal standards.
• Experience in developing and executing customer retention strategies.
• Experience operating at scale in multi-team or multinational environments.
• Prior involvement in audits, regulatory reviews, or formal assurance activities.

Our values are non-negotiables: Ownership and accountability, Initiating action, Resilience, Team orientation, Integrity.

What you’ll get back

Supergrowth is real here. Our learning and development programmes give you the tools, training and opportunities to level up fast. Your progress matters. Our Performance tool ensures you get meaningful feedback to support your development and superdrive your career. Support that has your back. Our Employee Assistance Programme offers resources for you and your family.

Ready to feel superclass? At Super Group, your experience matters. We’re honest, fair, and focused on helping you succeed – and your work will have real impact from day one.

Should you not hear from us within 2 weeks, please assume your application has not been successful.