DevSecOps Engineer

Location: Manchester (Hybrid – 2 days per week in office)

We're partnering with an established technology and data-driven software business that develops large-scale digital platforms used by global enterprise customers. With a strong focus on innovation, security, and cloud-native technologies, the organisation is investing heavily in its platform engineering and security capabilities as it continues to scale. As part of this growth, they are seeking a DevSecOps Engineer to play a key role in improving cloud security, platform governance, automation, and operational resilience across a modern AWS-centric environment. This position offers the opportunity to influence security strategy, drive best practice, and work closely with engineering teams to embed security into every stage of the development lifecycle. This is an ideal opportunity for someone who enjoys balancing security, automation, cloud infrastructure, and engineering enablement within a collaborative and fast-moving technology business.

The Role

As a DevSecOps Engineer, you will be responsible for enhancing the security, governance, and operational maturity of cloud platforms and SaaS environments. Working closely with engineering, operations, and leadership teams, you'll help ensure infrastructure remains secure, scalable, observable, and compliant while enabling development teams to deliver efficiently. You'll be responsible for identifying security risks, improving cloud posture, implementing security tooling, automating operational processes, and supporting governance initiatives across the wider technology estate.

Key Responsibilities

• Improve and maintain cloud security posture across AWS environments.
• Implement and manage security controls, governance frameworks, and platform standards.
• Monitor infrastructure, applications, and SaaS services to identify risks, vulnerabilities, and configuration issues.
• Enhance observability, monitoring, alerting, and operational resilience.
• Develop automation to improve security, compliance, and operational efficiency.
• Manage identity and access controls, ensuring least-privilege principles are followed.
• Support vulnerability management and remediation programmes.
• Collaborate with engineering teams to embed security best practices throughout the software development lifecycle.
• Contribute to compliance, audit, and governance initiatives, including ISO 27001 aligned activities.
• Support security assessments, customer due diligence requests, and internal assurance activities.
• Promote a positive security culture by helping teams understand and manage risk pragmatically.
• Participate in an out-of-hours support rota following onboarding and training.

Required Experience

• Strong experience securing and managing AWS environments.
• Proven background improving cloud security posture and governance.
• Experience implementing security controls within cloud-native environments.
• Understanding of security risk management and security best practices.
• Knowledge of information security frameworks and compliance standards such as ISO 27001.
• Experience with infrastructure as code and automation.
• Hands-on experience with security tooling including vulnerability scanners, SIEM platforms, SAST tools, and monitoring solutions.
• Ability to balance security requirements with business and engineering objectives.
• Experience working within Agile software engineering environments.
• Development or scripting experience using Python.
• Experience with Terraform and/or CloudFormation.
• Understanding of modern AI tooling and governance considerations.
• Experience modernising or migrating legacy cloud environments.
• Exposure to Azure and/or Google Cloud Platform.
• Experience with serverless technologies including Lambda, SNS, and SQS.
• Experience with configuration management tools such as Puppet.
• Broader platform engineering or Site Reliability Engineering (SRE) experience.
• Exposure to SaaS security governance and Microsoft 365 security controls.

What's on Offer

• Salary of £60,000 - £70,000
• Performance-related bonus
• Hybrid working model (2 days per week in Manchester office)
• 25 days annual leave plus bank holidays
• Option to buy and sell additional annual leave
• Pension scheme with employer contributions
• Life assurance
• Ongoing training and professional development budget
• One-to-one coaching and career development support
• Home working equipment provided
• Collaborative engineering culture with genuine opportunities to influence security strategy and platform direction

Why Apply?

This role offers the opportunity to join a growing technology business where security is viewed as an enabler rather than a blocker. You'll have the chance to shape cloud security strategy, influence engineering best practices, and work with modern technologies in an environment that values innovation, collaboration, and continuous improvement.