At a Glance
- Tasks: Embed security in DevOps, ensuring applications and platforms are secure by design.
- Company: Join CGI, a leader in building secure, high-performing platforms.
- Benefits: Enjoy flexible time off, medical benefits, and a profit participation plan.
- Other info: Remote role with opportunities for travel and career growth.
- Why this job: Make a real impact by enhancing security in innovative tech environments.
- Qualifications: Experience in Security Engineering or DevSecOps, with knowledge of cloud security.
The predicted salary is between 36000 - 60000 £ per year.
In this role, you will embed security at the heart of our DevOps software development lifecycle, ensuring applications, platforms, and pipelines are secure by design. You will take ownership of security controls across cloud, containerised, and virtualised environments, integrating automated testing and compliance checks that enable teams to deliver at pace without compromising resilience. You will continuously enhance our DevSecOps capabilities, strengthening vulnerability management, monitoring, and incident response processes. With the backing of experienced colleagues and central security teams, you will contribute ideas, refine tooling, and champion best practice across engineering communities, helping to build a proactive and sustainable security posture.
Key responsibilities
- Lead & Embed Secure Design: Champion secure-by-design principles across applications, platforms, and CI/CD pipelines.
- Automate & Validate Controls: Integrate SAST, DAST, SCA and policy-as-code into pipelines to ensure continuous security assurance.
- Manage & Mitigate Risk: Identify, triage, prioritise, and track vulnerabilities through to remediation.
- Strengthen Cloud & Platform Security: Secure cloud services, container platforms, IAM, and secrets management using least-privilege models.
- Monitor & Respond: Support security monitoring, logging, alerting, and incident response activities.
- Collaborate & Influence: Partner with engineering and assurance teams to translate security requirements into effective technical solutions.
- Improve & Innovate: Enhance automation, tooling, and processes to reduce risk and drive continuous improvement.
Requirements
- Proven experience in Security Engineering, DevSecOps, or DevOps-focused security roles.
- Strong knowledge of vulnerability management and tools such as SAST, DAST, and SCA.
- Experience securing cloud platforms (e.g. Azure), virtualised and containerised environments.
- Familiarity with CI/CD tools (e.g. Azure DevOps, Jenkins) and version control (Git).
- Understanding of Infrastructure as Code (e.g. Terraform, ARM, Bicep) and configuration management.
- Knowledge of security frameworks and threat modelling approaches (e.g. OWASP, CIS, STRIDE).
- Scripting or automation skills (e.g. PowerShell, Bash).
- Experience working in Agile teams using tools such as Jira and Confluence.
About CGI
CGI builds secure, high-performing platforms that safeguard data, strengthen trust, and support transformation. We emphasise ownership, collaboration, and expertise to drive real impact for clients.
Location and employment details
This is a remote role with occasional travel to London or surrounding offices.
Benefits
- Insurance coverage
- Medical benefits
- Pension plan
- Employee assistance and well-being programmes
- Flexible time off
- Share Purchase Plan
- Discounts and additional wellbeing benefits
- Profit Participation Plan
DevSecOps Engineer in City of Westminster employer: CGI Group Inc.
At CGI, we pride ourselves on fostering a collaborative and innovative work culture that empowers our employees to take ownership of their roles. As a DevSecOps Engineer, you will benefit from comprehensive medical coverage, a robust pension plan, and flexible time off, all while working remotely with the opportunity for occasional travel to London. Our commitment to employee growth is evident through our continuous training programmes and profit participation plan, making CGI an excellent employer for those seeking meaningful and rewarding careers in security engineering.
StudySmarter Expert Advice🤫
We think this is how you could land DevSecOps Engineer in City of Westminster
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to DevSecOps. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common DevSecOps scenarios and challenges. Practice explaining how you've tackled security issues in past roles, and be ready to discuss tools like SAST and DAST that you’ve used.
✨Tip Number 4
Don’t forget to apply through our website! We love seeing candidates who are genuinely interested in joining us at CGI. Tailor your application to highlight your experience with cloud security and CI/CD tools, and let’s get the conversation started!
We think you need these skills to ace DevSecOps Engineer in City of Westminster
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of DevSecOps Engineer. Highlight your experience with security engineering, cloud platforms, and CI/CD tools. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Share your passion for embedding security in the DevOps lifecycle and give us examples of how you've championed secure design principles in past roles. Let your personality come through!
Showcase Your Technical Skills:Don’t forget to mention your experience with tools like SAST, DAST, and vulnerability management. We love seeing candidates who can demonstrate their technical prowess and how they’ve used it to improve security processes.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at CGI Group Inc.
✨Know Your Security Principles
Make sure you brush up on secure-by-design principles and how they apply to applications, platforms, and CI/CD pipelines. Be ready to discuss specific examples of how you've implemented these principles in your previous roles.
✨Familiarise Yourself with Tools
Get comfortable with the tools mentioned in the job description, like SAST, DAST, and SCA. If you can, try to demonstrate your experience with these tools during the interview by sharing relevant projects or challenges you've tackled.
✨Showcase Your Collaboration Skills
This role involves a lot of teamwork, so be prepared to talk about how you've partnered with engineering and assurance teams in the past. Highlight any successful projects where you translated security requirements into effective solutions.
✨Prepare for Scenario Questions
Expect scenario-based questions that test your problem-solving skills in real-world situations. Think about how you would manage vulnerabilities or respond to incidents, and be ready to explain your thought process clearly.
