Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join us as a DevSecOps Engineer to embed security in every phase of software development.
- Company: Be part of a forward-thinking company that prioritizes security in tech innovation.
- Benefits: Enjoy flexible work options, competitive pay, and opportunities for professional growth.
- Why this job: Make a real impact by ensuring secure coding practices and compliance in a dynamic environment.
- Qualifications: 2-4 years in DevSecOps with hands-on experience in cloud security and CI/CD tools required.
- Other info: Work with cutting-edge technologies and collaborate with passionate teams focused on security.
The predicted salary is between 43200 - 72000 £ per year.
Overview:
The DevSecOps Engineer will integrate security practices into the software development lifecycle (SDLC) and DevOps workflows, ensuring that security is embedded into every phase of system design, development, deployment, and maintenance. This role will involve managing and automating security tools, enforcing best practices for secure coding, infrastructure, and deployment, and ensuring that the organization’s systems and platforms are compliant with industry standards and regulations.
Key Responsibilities:
Implement and enforce security controls across the entire DevOps pipeline (CI/CD), including code, build, deployment, and runtime environments.
Collaborate with development and operations teams to ensure that security is a priority at
Integrate static and dynamic security testing tools (e.g., SAST, DAST) into CI/CD pipelines to automatically detect vulnerabilities in code and applications.
Use automated tools for vulnerability scanning, threat modeling, and compliance checks.
Ensure that infrastructure and configuration code (e.g., Terraform, CloudFormation) follow security best practices and are free from vulnerabilities.
Automate security controls and compliance testing for cloud infrastructure (AWS, Azure, GCP) using IaC tools.
Work with cloud platforms (e.g., AWS, Azure, Google Cloud) to ensure secure configurations, network architecture, and identity and access management (IAM) policies.
Leverage cloud-native security tools such as AWS GuardDuty, CloudTrail, Security Hub, and Azure Security Center to monitor and respond to threats.
Secure containerized environments, including Docker, Kubernetes, and orchestrators like EKS and ECS.
Implement runtime security monitoring for containers and serverless applications.
Automate incident detection and response workflows for security events using SIEM tools and cloud-native security solutions.
Respond to security incidents, investigate breaches, and recommend corrective actions.
Ensure that systems meet regulatory and compliance requirements (e.g., GDPR, HIPAA, PCI-DSS) by embedding security controls and audits into the development process.
Generate reports and audits to ensure continuous compliance with industry standards.
Experience and Qualifications:
Minimum of 2-4 years in a DevSecOps or security engineering role with hands-on experience in integrating security within DevOps workflows.
Strong experience with AWS , Azure , or Google Cloud security services and configurations.
Familiarity with cloud-native security tools , including AWS GuardDuty, Security Hub, CloudTrail, and similar services.
Experience with SAST/DAST tools, security vulnerability scanners, and static analysis tools.
Proficient in using security tools for continuous integration/continuous deployment (CI/CD) pipelines (e.g., SonarQube, Checkmarx, Snyk, OWASP ZAP).
Strong experience with Terraform , CloudFormation , or similar IaC tools to ensure secure, scalable infrastructure configurations.
Hands-on experience securing Docker , Kubernetes , EKS , and ECS environments.
Experience with container security tools like Aqua Security , Twistlock , or Sysdig .
Experience in handling security incidents, analyzing threats, and conducting post-incident reviews.
Familiarity with SIEM tools (e.g., Splunk, ELK, Datadog) and security monitoring solutions.
Security Platform Engineer employer: GCS
Contact Detail:
GCS Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Platform Engineer
✨Tip Number 1
Familiarize yourself with the specific security tools mentioned in the job description, such as AWS GuardDuty and Snyk. Having hands-on experience or even personal projects showcasing these tools can set you apart from other candidates.
✨Tip Number 2
Engage with the DevSecOps community through forums, webinars, or local meetups. Networking with professionals in the field can provide insights into best practices and may even lead to referrals for job openings.
✨Tip Number 3
Consider contributing to open-source projects that focus on security within DevOps. This not only enhances your skills but also demonstrates your commitment to the field and can be a great talking point during interviews.
✨Tip Number 4
Stay updated on the latest security trends and compliance regulations relevant to cloud platforms. Being knowledgeable about GDPR, HIPAA, and PCI-DSS will show that you understand the importance of security in the software development lifecycle.
We think you need these skills to ace Security Platform Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure to customize your CV to highlight your experience in DevSecOps and security engineering. Focus on relevant projects where you integrated security into the SDLC and DevOps workflows.
Craft a Strong Cover Letter: In your cover letter, emphasize your hands-on experience with cloud platforms like AWS, Azure, or GCP. Mention specific tools you've used for security automation and compliance checks.
Showcase Relevant Skills: Clearly list your proficiency with SAST/DAST tools, vulnerability scanners, and IaC tools like Terraform or CloudFormation. Highlight any experience with container security and incident response.
Demonstrate Compliance Knowledge: Mention your familiarity with regulatory requirements such as GDPR, HIPAA, and PCI-DSS. Provide examples of how you've ensured compliance in previous roles.
How to prepare for a job interview at GCS
✨Showcase Your DevSecOps Knowledge
Be prepared to discuss your experience with integrating security into the DevOps lifecycle. Highlight specific projects where you implemented security controls in CI/CD pipelines and how you collaborated with development and operations teams.
✨Familiarize Yourself with Security Tools
Make sure you know the security tools mentioned in the job description, such as SAST/DAST tools and cloud-native security services like AWS GuardDuty and Azure Security Center. Be ready to explain how you've used these tools in past roles.
✨Demonstrate Your Cloud Security Expertise
Since the role involves working with cloud platforms, be prepared to discuss your experience with AWS, Azure, or Google Cloud. Talk about how you've ensured secure configurations and compliance within these environments.
✨Prepare for Incident Response Scenarios
Expect questions about handling security incidents. Prepare examples of past incidents you've managed, including your approach to investigation, response, and recommendations for corrective actions.
