Senior DevSecOps Engineer (40036)

Senior DevSecOps Engineer (40036)

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
Holland and Barrett

At a Glance

  • Tasks: Design and build secure cloud platforms while embedding security into the software delivery lifecycle.
  • Company: Join Holland & Barrett, a leader in health and wellness with a focus on innovation.
  • Benefits: Enjoy competitive salary, health cash plan, flexible working, and discounts.
  • Other info: Be part of a diverse team committed to creating an inclusive environment.
  • Why this job: Shape the future of security in software delivery and influence hundreds of engineers.
  • Qualifications: Experience in DevSecOps, AWS, and strong communication skills required.

The predicted salary is between 60000 - 80000 £ per year.

We're building a secure, cloud-native platform that underpins how software is delivered across the organisation. Following a major digital transformation, our platform enables teams to ship high-quality software quickly, safely, and consistently by default. As we continue to scale, security, reliability, and developer experience are treated as first-class concerns, designed in from the start. This role sits at the heart of that mission, shaping how security is applied at scale and how engineering teams confidently move from idea to production.

As a DevSecOps Engineer, you’ll be a hands-on contributor to the design, build, and operation of our internal platform. This is a delivery-focused role, working closely with SRE, Cloud, and Application Security teams to embed security controls, guardrails, and best practices directly into tooling, pipelines, and infrastructure. You’ll help define how security is applied at scale in a pragmatic, developer-friendly way, influencing engineering culture through code, automation, and clear technical standards—raising the baseline for security and operational excellence across the organisation.

The Tech Stack

  • Cloud & Networking: AWS (multi-account, IAM, VPC, managed services), hybrid/on-prem connectivity
  • Containers & Orchestration: Docker, Kubernetes (EKS, ECS)
  • Infrastructure as Code: OpenTofu, Terragrunt, CloudFormation
  • CI/CD: GitLab CI, reusable components, self-hosted runners
  • Security & Identity: Microsoft Entra, AWS IAM, OIDC, secrets management, policy-as-code
  • Observability: Centralised logging, metrics, tracing (e.g. Datadog, OpenTelemetry)
  • Platform Automation: Declarative configuration and infrastructure management
  • Internal Tooling: Developer-facing tools and services built with Python, Go, and modern frontend frameworks
  • Version Control: Git, merge requests, and code review workflows

What You’ll Do

  • Design, build, and operate secure cloud and platform capabilities
  • Embed security controls across the software delivery lifecycle by default
  • Build and maintain fast, reliable, secure CI/CD pipelines and reusable components
  • Automate security, compliance, and operational checks
  • Partner with engineering teams to remove friction and improve workflows
  • Contribute to platform architecture, standards, and technical direction
  • Promote ownership, continuous improvement, and pragmatic DevSecOps practice

Key requirements

  • Hands-on experience as a DevSecOps Engineer, Platform Engineer, Cloud Security Engineer, or similar role
  • Strong understanding of DevSecOps principles, including CI/CD, infrastructure as code, and security automation
  • Solid experience working in AWS environments
  • Practical knowledge of containerised workloads and Kubernetes
  • Clear communication skills and the ability to work effectively across teams
  • A focus on raising engineering standards through practical, scalable solutions

Why Holland & Barrett?

You will be joining at a point where the platform is still being actively shaped, with real scope to influence how security and delivery work across the organisation. This role offers autonomy, technical ownership, and the opportunity to build foundational capabilities that directly impact hundreds of engineers. We offer a competitive salary, comprehensive benefits, and flexible working arrangements. If you enjoy building secure platforms that developers actually love, we’d love to hear from you.

What we offer

  • Wellbeing & Lifestyle Benefits: Health Cash Plan, Life Assurance, Incentive Scheme - Based on company & personal performance, Virtual GP, Private Medical care, FREE at-home blood test kit, Holiday Purchase option, Pension Contribution scheme, Access to 'Wellhub' with gyms, studios and wellbeing apps
  • Discounts & Savings: 25% Colleague Discount with FREE Standard Delivery, Exclusive Discounts from a wide range of partners, £/€50 Annual Product Allowance to spend in store
  • Learning & Development: Access to a variety of learning opportunities, including Level 2-5 Apprenticeships, Workshops and our Digital Learning Library AND MORE!

Equal Opportunity

Holland and Barrett is an equal opportunity employer. We welcome diverse perspectives and are committed to creating an inclusive environment for all colleagues. We understand that when our colleagues are listened to, respected and valued for who they are, we build an organisation with belonging at its heart—making health and wellness a way of life for everyone.

Senior DevSecOps Engineer (40036) employer: Holland and Barrett

Holland & Barrett is an exceptional employer, offering a unique opportunity for a Senior DevSecOps Engineer to shape the future of our secure, cloud-native platform. With a strong focus on employee wellbeing, flexible working arrangements, and a commitment to continuous learning and development, we foster a collaborative work culture that values diverse perspectives and encourages technical ownership. Join us to make a meaningful impact while enjoying competitive benefits and a supportive environment that prioritises both personal and professional growth.

Holland and Barrett

Contact Details:

Holland and Barrett Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Senior DevSecOps Engineer (40036)

Tip Number 1

Network like a pro! Reach out to current employees on LinkedIn or at industry events. Ask them about their experiences and the company culture. This can give you insider info and might even lead to a referral!

Tip Number 2

Prepare for the interview by brushing up on your technical skills and understanding the company's tech stack. Be ready to discuss how your experience aligns with their needs, especially around security and CI/CD practices.

Tip Number 3

Showcase your passion for DevSecOps! Share examples of projects where you've embedded security into the development lifecycle. This will demonstrate your hands-on experience and commitment to best practices.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team.

We think you need these skills to ace Senior DevSecOps Engineer (40036)

DevSecOps Principles
CI/CD
Infrastructure as Code
Security Automation
AWS
Kubernetes
Docker

Some tips for your application 🫡

Tailor Your Application:Make sure to customise your CV and cover letter to highlight your experience with DevSecOps principles, especially in AWS environments. We want to see how your skills align with our mission of building a secure, cloud-native platform.

Showcase Your Hands-On Experience:We love candidates who can demonstrate their practical knowledge. Include specific examples of projects where you've designed, built, or operated secure CI/CD pipelines or worked with containerised workloads and Kubernetes.

Communicate Clearly:Since this role involves working closely with various teams, clear communication is key. Use straightforward language in your application to convey your ideas and experiences effectively—show us you can bridge the gap between security and development!

Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at Holland & Barrett!

How to prepare for a job interview at Holland and Barrett

Know Your Tech Stack

Familiarise yourself with the specific technologies mentioned in the job description, like AWS, Docker, and Kubernetes. Be ready to discuss your hands-on experience with these tools and how you've used them to enhance security and streamline CI/CD pipelines.

Demonstrate DevSecOps Principles

Prepare to explain how you’ve applied DevSecOps principles in your previous roles. Share examples of how you've embedded security controls into the software delivery lifecycle and improved workflows for engineering teams.

Showcase Communication Skills

Since this role involves working closely with various teams, practice articulating your thoughts clearly. Be prepared to discuss how you've collaborated with SRE, Cloud, and Application Security teams to achieve common goals.

Emphasise Continuous Improvement

Highlight your commitment to raising engineering standards through practical solutions. Discuss any initiatives you've led or contributed to that focused on automation, compliance, or operational excellence in a DevSecOps context.