At a Glance
- Tasks: Lead DevSecOps practices and drive secure delivery across MOD Cloud environments.
- Company: Join a major defence digital transformation programme with a focus on innovation.
- Benefits: Earn up to £600/day, enjoy hybrid work, and develop your skills in a dynamic environment.
- Other info: Opportunity for career growth and collaboration with cross-functional teams.
- Why this job: Make a real impact in defence while working with cutting-edge technologies.
- Qualifications: Proven experience in DevSecOps, strong leadership, and hands-on expertise with key tools.
The predicted salary is between 60000 - 80000 £ per year.
Rate: Up to £600/day (Inside IR35)
Clearance: Active SC Clearance
Location: Hybrid – Predominantly remote with occasional travel to London and Bristol
Overview
We are seeking an experienced, client-facing Lead DevSecOps Engineer to lead DevSecOps practices across a major defence digital transformation programme. You will drive secure, automated delivery across multiple products hosted within the MOD digital estate, including Azure, AWS and OCI environments.
Key Responsibilities
- Lead and standardise DevSecOps practices across teams delivering into the MOD Cloud estate.
- Design and implement secure CI/CD pipelines and GitOps workflows for MOD Cloud‑hosted products.
- Integrate security scanning, vulnerability management and compliance controls into delivery pipelines.
- Drive Infrastructure as Code (Terraform) and automation best practices across MOD Cloud environments.
- Implement secrets management, IAM, monitoring, logging and audit capabilities aligned to MOD standards.
- Collaborate with developers, testers and infrastructure teams to embed secure‑by‑design principles across MOD Cloud deployments.
- Support incident response, patching, compliance reporting and operational documentation for MOD Cloud platforms and services.
- Help coordinate release activity across integrated products deployed into Azure, AWS and OCI within MOD Cloud.
Essential Skills & Experience
- Proven experience as a Lead DevSecOps Engineer in complex environments, ideally within government or defence.
- Strong hands‑on expertise with:
- GitHub Actions, Argo CD, Argo Rollouts
- Trivy, HashiCorp Vault, cert‑manager
- Docker, AWS EKS
- Terraform
- Grafana, Loki
- Python, Bash
- AWS IAM, S3 and networking fundamentals
- Strong stakeholder management and leadership skills.
- Experience leading distributed teams and working across cross‑functional delivery teams.
Highly Desirable
- Experience delivering DevSecOps solutions within the MOD digital estate.
- Knowledge of Azure (MOD Cloud ACE / i‑ACE), AWS (MOD Cloud ICE) and Oracle Cloud Infrastructure (MOD Cloud OCE).
SC Cleared Lead DevSecOps Engineer in London employer: IO Associates
Join a forward-thinking organisation that prioritises innovation and security in the defence sector. With a hybrid working model, you will enjoy the flexibility of predominantly remote work while collaborating with talented professionals in London and Bristol. Our commitment to employee growth is evident through continuous training opportunities and a supportive work culture that values your contributions to critical digital transformation projects.
StudySmarter Expert Advice🤫
We think this is how you could land SC Cleared Lead DevSecOps Engineer in London
✨Get Active on Cybersecurity Forums
Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.
✨Show Off Your Skills with Public Projects
Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.
✨Attend Local Conferences and Meetups
Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!
✨Market Yourself Smartly
Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!
We think you need these skills to ace SC Cleared Lead DevSecOps Engineer in London
Some tips for your application 🫡
Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help IO Associates understand what you're capable of.
Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!
Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.
Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at IO Associates.
How to prepare for a job interview at IO Associates
✨Showcase Your Cybersecurity Skills
As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.
✨Prepare Your Portfolio
Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.
✨Stay Updated on Trends and Tools
Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.
✨Pitching Your Value as a Freelancer
When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help IO Associates protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.
