This role is Inside IR35.
Contract Length: 6 months
Clearance: SC
Location: Any client office – 2/3 days per week preferred onsite / rest WFH
Essential Skills and Experience
• Strong hands-on expertise in DevSecOps practices, particularly security automation in CI/CD and infrastructure-as-code pipelines.
• Deep understanding of modern DevOps tooling (e.g., GitHub Actions/CircleCI, Terraform, Kubernetes, Docker) with secure configurations.
• Experience implementing security controls in cloud-native environments (e.g., AWS or Azure) including IAM, network policies, and container security.
• Proven track record of using tools such as Snyk, Trivy, Checkov, OPA/Gatekeeper/OWASP ZAP, or similar to enforce pipeline and platform security.
• Familiarity with compliance requirements (e.g., NIST, ISO 27001, CIS Benchmarks) and their implementation via code.
• Ability to lead and mentor teams on secure coding, threat modelling, and secure architecture patterns.
• Experience with monitoring, logging, and security telemetry platforms (e.g., Prometheus, Loki, ELK, XDR/SIEM integrations).
Overview
The Lead DevSecOps role will be responsible for ensuring that the replacement systems are security compliant, adhering to standards such as Secure by Design and GovAssure, and utilising a shift-left mentality to fix problems before production. This work is part of highly complex legacy replacements involving approximately 90,000 users.
Contact Detail:
ComXps Recruiting Team