At a Glance
- Tasks: Lead security integration in development, ensuring compliance and seamless system upgrades.
- Company: Join Damia Group, a dynamic agency focused on tech recruitment and transformation.
- Benefits: Enjoy a competitive rate of £650 per day with flexible onsite options.
- Why this job: Be part of a major digital transformation impacting 90,000 users while enhancing your DevSecOps skills.
- Qualifications: Strong experience in DevSecOps, cloud security, and modern tooling is essential.
- Other info: Active SC clearance required; this role promotes a culture of security-first development.
The predicted salary is between 46800 - 78000 £ per year.
**Lead DevSecOps Engineer – 6 month initial contract – £650 per day (INSIDE IR35) – 2-3 days per week onsite (range of locations available)**

Security Clearance: Due to the nature of the work, an active SC clearance is required for this role.

We are looking for a Lead DevSecOps Engineer to join a digital transformation programme. This position is responsible for ensuring that security is built into every part of the development lifecycle, specifically ensuring that security tooling (native and non-native) is properly embedded into CI/CD pipelines. The role holder will be part of the transformation programmes, including tech debt replacement and migration, embedding security to ensure seamless integration of new systems/features and workflows.

The Lead DevSecOps Engineer will be responsible for ensuring that the replacement systems are security compliant, adhering to standards such as Secure by Design and GovAssure, utilising a shift-left mentality to fix problems before production. This is part of highly complex legacy replacements involving approximately 90,000 users.

Essential skills and experience:
- Strong hands-on expertise in DevSecOps practices, particularly security automation in CI/CD and infrastructure-as-code pipelines.
- Deep understanding of modern DevOps tooling (e.g., GitHub Actions/CircleCI, Terraform, Kubernetes, Docker) with secure configurations.
- Experience implementing security controls in cloud-native environments (e.g., AWS or Azure) including IAM, network policies, and container security.
- Proven track record of using tools such as Snyk, Trivy, Checkov, OPA/Gatekeeper/OWASP ZAP, or similar to enforce pipeline and platform security.
- Familiarity with compliance requirements (e.g., NIST, ISO 27001, CIS Benchmarks) and their implementation via code.
- Ability to lead and mentor teams on secure coding, threat modelling, and secure architecture patterns.
- Experience with monitoring, logging, and security telemetry platforms (e.g., Prometheus, Loki, ELK, XDR/SIEM integrations).

Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance with Conduct Regulations 2003.
Lead DevSecOps Engineer employer: Damia Group Ltd
Contact Detail:
Damia Group Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Lead DevSecOps Engineer
✨Tip Number 1
Make sure you have your active SC clearance sorted before applying. This is a crucial requirement for the role, and having it in place will show that you're ready to hit the ground running.
✨Tip Number 2
Familiarise yourself with the specific tools mentioned in the job description, like Snyk, Trivy, and Terraform. Being able to discuss your hands-on experience with these tools during interviews will set you apart from other candidates.
✨Tip Number 3
Prepare to demonstrate your understanding of compliance requirements such as NIST and ISO 27001. Having real-world examples of how you've implemented these standards in previous roles can really impress the hiring team.
✨Tip Number 4
Showcase your leadership skills by preparing examples of how you've mentored teams in secure coding practices. This role requires not just technical expertise but also the ability to guide others in best practices.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your hands-on expertise in DevSecOps practices, particularly focusing on security automation in CI/CD and infrastructure-as-code pipelines. Use specific examples that demonstrate your experience with modern DevOps tooling and cloud-native environments.
Craft a Strong Cover Letter: In your cover letter, emphasise your understanding of compliance requirements and your ability to lead and mentor teams. Mention any relevant projects where you implemented security controls or worked with tools like Snyk or OWASP ZAP.
Highlight Security Clearance: Since an active SC clearance is required for this role, make sure to clearly state your current security clearance status in your application. This will help the employer quickly assess your eligibility.
Showcase Relevant Experience: When detailing your work experience, focus on your proven track record in implementing security measures and your familiarity with compliance standards. Use metrics or outcomes to illustrate the impact of your contributions in previous roles.
How to prepare for a job interview at Damia Group Ltd
✨Showcase Your Security Expertise
Make sure to highlight your hands-on experience with security automation in CI/CD pipelines. Be prepared to discuss specific tools you've used, such as Snyk or OWASP ZAP, and how you've implemented security controls in cloud environments like AWS or Azure.
✨Demonstrate Your DevOps Knowledge
Familiarise yourself with modern DevOps tooling and be ready to explain how you've utilised them in past projects. Discuss your experience with GitHub Actions, Terraform, and Kubernetes, focusing on secure configurations and best practices.
✨Prepare for Technical Questions
Expect technical questions related to compliance requirements and security standards. Brush up on NIST, ISO 27001, and CIS Benchmarks, and be ready to explain how you've implemented these in your previous roles.
✨Emphasise Leadership and Mentoring Skills
Since this role involves leading and mentoring teams, prepare examples of how you've guided others in secure coding and threat modelling. Highlight any experience you have in fostering a culture of security within development teams.