At a Glance
- Tasks: Enhance cloud security and governance while collaborating with engineering teams.
- Company: Dynamic tech company focused on innovation and cloud-native technologies.
- Benefits: Competitive salary, hybrid work, flexible hours, and professional development support.
- Other info: Join a culture that values innovation and continuous improvement.
- Why this job: Shape cloud security strategy and influence engineering best practices in a collaborative environment.
- Qualifications: Experience with AWS security, automation, and Agile software engineering.
The predicted salary is between 60000 - 70000 £ per year.
We're partnering with an established technology and data-driven software business that develops large-scale digital platforms used by global enterprise customers. With a strong focus on innovation, security, and cloud-native technologies, the organisation is investing heavily in its platform engineering and security capabilities as it continues to scale. As part of this growth, they are seeking a DevSecOps Engineer to play a key role in improving cloud security, platform governance, automation, and operational resilience across a modern AWS-centric environment.
This position offers the opportunity to influence security strategy, drive best practice, and work closely with engineering teams to embed security into every stage of the development lifecycle. This is an ideal opportunity for someone who enjoys balancing security, automation, cloud infrastructure, and engineering enablement within a collaborative and fast-moving technology business.
The Role
As a DevSecOps Engineer, you will be responsible for enhancing the security, governance, and operational maturity of cloud platforms and SaaS environments. Working closely with engineering, operations, and leadership teams, you'll help ensure infrastructure remains secure, scalable, observable, and compliant while enabling development teams to deliver efficiently. You'll be responsible for identifying security risks, improving cloud posture, implementing security tooling, automating operational processes, and supporting governance initiatives across the wider technology estate.
Key Responsibilities
- Improve and maintain cloud security posture across AWS environments.
- Implement and manage security controls, governance frameworks, and platform standards.
- Monitor infrastructure, applications, and SaaS services to identify risks, vulnerabilities, and configuration issues.
- Enhance observability, monitoring, alerting, and operational resilience.
- Develop automation to improve security, compliance, and operational efficiency.
- Manage identity and access controls, ensuring least-privilege principles are followed.
- Support vulnerability management and remediation programmes.
- Collaborate with engineering teams to embed security best practices throughout the software development lifecycle.
- Contribute to compliance, audit, and governance initiatives, including ISO 27001 aligned activities.
- Support security assessments, customer due diligence requests, and internal assurance activities.
- Promote a positive security culture by helping teams understand and manage risk pragmatically.
- Participate in an out-of-hours support rota following onboarding and training.
Required Experience
- Strong experience securing and managing AWS environments.
- Proven background improving cloud security posture and governance.
- Experience implementing security controls within cloud-native environments.
- Understanding of security risk management and security best practices.
- Knowledge of information security frameworks and compliance standards such as ISO 27001.
- Experience with infrastructure as code and automation.
- Hands-on experience with security tooling including vulnerability scanners, SIEM platforms, SAST tools, and monitoring solutions.
- Ability to balance security requirements with business and engineering objectives.
- Experience working within Agile software engineering environments.
- Development or scripting experience using Python.
- Experience with Terraform and/or CloudFormation.
- Understanding of modern AI tooling and governance considerations.
Desirable Experience
- Experience modernising or migrating legacy cloud environments.
- Exposure to Azure and/or Google Cloud Platform.
- Experience with serverless technologies including Lambda, SNS, and SQS.
- Experience with configuration management tools such as Puppet.
- Broader platform engineering or Site Reliability Engineering (SRE) experience.
- Exposure to SaaS security governance and Microsoft 365 security controls.
What's on Offer
- Salary of £60,000 - £70,000
- Performance-related bonus
- Hybrid working model (2 days per week in Manchester office)
- Flexible working hours
- 25 days annual leave plus bank holidays
- Option to buy and sell additional annual leave
- Pension scheme with employer contributions
- Life assurance
- Ongoing training and professional development budget
- One-to-one coaching and career development support
- Home working equipment provided
- Collaborative engineering culture with genuine opportunities to influence security strategy and platform direction
Why Apply?
This role offers the opportunity to join a growing technology business where security is viewed as an enabler rather than a blocker. You'll have the chance to shape cloud security strategy, influence engineering best practices, and work with modern technologies in an environment that values innovation, collaboration, and continuous improvement.
DevSecOps Engineer employer: Maxwell Bond
Join a forward-thinking technology and data-driven software company in Manchester, where innovation and security are at the forefront of our mission. As a DevSecOps Engineer, you'll thrive in a collaborative culture that prioritises employee growth through ongoing training, flexible working arrangements, and a supportive environment that encourages you to influence security strategy and best practices. With a competitive salary, performance-related bonuses, and a strong focus on work-life balance, this is an excellent opportunity for those seeking meaningful and rewarding employment in a dynamic setting.
StudySmarter Expert Advice🤫
We think this is how you could land DevSecOps Engineer
✨Tip Number 1
Network like a pro! Reach out to people in the industry on LinkedIn or at local meetups. A friendly chat can lead to opportunities that aren’t even advertised yet.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to AWS and security. This gives potential employers a taste of what you can do.
✨Tip Number 3
Prepare for interviews by practising common DevSecOps questions and scenarios. Think about how you’d tackle real-world problems they might face, and be ready to share your thought process.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive!
We think you need these skills to ace DevSecOps Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that match the DevSecOps Engineer role. Highlight your AWS experience, security practices, and any relevant automation projects you've worked on. We want to see how you can contribute to our innovative environment!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cloud security and how your background aligns with our goals at StudySmarter. Be sure to mention specific projects or achievements that demonstrate your expertise.
Showcase Your Technical Skills:In your application, don't forget to mention your hands-on experience with security tooling, infrastructure as code, and any programming languages like Python. We love seeing candidates who can balance technical skills with a collaborative mindset!
Apply Through Our Website:We encourage you to apply directly through our website for the best chance of getting noticed. It helps us keep track of applications and ensures you’re considered for this exciting opportunity to join our team in Manchester!
How to prepare for a job interview at Maxwell Bond
✨Know Your AWS Inside Out
Make sure you brush up on your AWS knowledge before the interview. Be ready to discuss your experience securing AWS environments, as well as any specific tools or frameworks you've used. This will show that you're not just familiar with the platform but can also contribute to improving its security posture.
✨Showcase Your Automation Skills
Since automation is key in a DevSecOps role, prepare examples of how you've implemented automation in previous positions. Whether it's through Terraform, CloudFormation, or scripting in Python, be ready to explain how your contributions have improved operational efficiency and security.
✨Understand Security Best Practices
Familiarise yourself with security risk management and compliance standards like ISO 27001. Be prepared to discuss how you've applied these principles in past roles, especially in relation to cloud-native environments. This will demonstrate your ability to embed security into the development lifecycle effectively.
✨Emphasise Collaboration
DevSecOps is all about working closely with engineering teams, so highlight your experience in collaborative environments. Share specific instances where you've successfully partnered with other teams to enhance security practices or resolve vulnerabilities, showcasing your ability to balance security needs with business objectives.
