DevSecOps Engineer

Join Nordcloud and be part of the European cloud revolution. We supercharge our customers to innovate in hyperscaler cloud, enabling seamless migration, advanced security, and data-driven success. We are seeking an experienced DevSecOps Engineer to help uplift and standardise the security posture across a large-scale public-sector digital screening programme. The platform spans AWS and Azure, with 20+ cloud‑based services at varying stages of maturity. The goal is to create a coherent, consistent, and modern cybersecurity baseline across all products by embedding security into CI/CD, Infrastructure-as-Code (IaC), and operational processes. You will work closely with product teams, infrastructure engineers, and delivery squads to embed security early (“shift‑left”), automate controls, and ensure consistent guardrails across the entire service portfolio.

Key Responsibilities

• Security Engineering & Automation
  • Implement and embed security controls throughout CI/CD pipelines, ensuring security is built-in rather than bolted-on.
  • Enhance and maintain IaC (Terraform / ARM / Bicep / CloudFormation) ensuring consistent, repeatable, and secure infrastructure deployments across AWS and Azure.
  • Integrate automated security scanning (SAST/DAST/SCA), secrets management, policy enforcement, base image hardening, and runtime protection as part of the delivery workflow.
• Cloud Security (AWS & Azure)
  • Work with multi-cloud services to design, implement, and maintain security patterns that can be applied consistently across the portfolio.
  • Configure cloud-native security tooling (e.g., guardrails, identity policies, network controls) and ensure all services meet agreed security standards.
  • Collaborate on extracting reusable libraries and toolsets to drive standardisation across teams.
• CI/CD & Platform Engineering
  • Deliver security improvements through changes to CI/CD and IaC repositories, version controlled alongside application code.
  • Build and refine pipelines that support automated testing, deployment, and governance across cloud environments.
  • Ensure teams can continuously monitor, detect, and remediate vulnerabilities through integrated pipeline tooling.
• Disaster Recovery & Operational Readiness
  • Contribute to DR strategy uplift by defining consistent runbooks, automated processes, and wargaming tools to validate resilience across services.
  • Ensure operational documentation is clear, repeatable, and usable by delivery and support teams.
• Collaboration & Delivery
  • Work hand‑in‑glove with product teams, architects, and infrastructure engineers to socialise patterns, build capability, and embed practices early.
  • Prioritise work based on an existing cybersecurity risk assessment, ensuring high‑value improvements are delivered first.
  • Support knowledge sharing, coaching, and embedding of security best practices across engineering teams.

Required Skills & Experience

• Strong background in DevSecOps principles including shift-left security, automated testing, secure SDLC, and cloud-native security engineering.
• Hands-on experience with AWS and Azure cloud environments.
• Experience designing secure and scalable architectures, CI/CD pipelines, and infrastructure automation.
• Proficiency with IaC tools such as Terraform, ARM, Bicep, CloudFormation.
• Experience integrating security tools into CI/CD (SAST, DAST, dependency scanning, secrets scanning, container scanning).
• Familiarity with container orchestration and security (Kubernetes/AKS/EKS).
• Strong understanding of identity, access, network, and policy enforcement across cloud platforms.
• Ability to document runbooks, DR processes, and operational guidance.
• Excellent stakeholder engagement skills across engineering, operations, and delivery teams.
• MUST BE ELIGIBLE FOR SC CLEARANCE.

Desirable Skills

• Experience contributing to or maintaining shared libraries or open-source tooling.
• Knowledge of audit, compliance, and security frameworks.
• Experience in large public‑sector or regulated environments.

Why this role matters

Your work will directly strengthen the security posture of a major national digital screening platform, ensuring consistency, resilience, and trustworthiness across dozens of critical public‑facing services. You’ll be instrumental in shaping secure engineering standards that will be adopted across multiple teams and cloud environments.

What we offer

• Individual training budget and exam fees for certifications.
• Flexible working hours and hybrid working model.
• Company laptop and needed equipment.
• Local package such as up to 7% matched pension contributions, extensive private health care, Bupa dental plan, and a seasonal ticket loan, enhanced maternity and parental leave, gym expense or well-being monthly and mobile phone allowance.

Please read our Recruitment Privacy Policy before applying. All applicants must have the right to work in the UK.

About Nordcloud

Nordcloud is a European leader in cloud implementation, application development, managed services and training. It’s a recognised cloud-native pioneer with a proven track record helping organisations leverage public cloud in a way that balances quick wins, immediate savings and sustainable value. Nordcloud is triple-certified across Amazon Web Services, Microsoft Azure and Google Cloud Platform – with 10 European hubs, over 1,300 employees and has delivered over 1,000 successful cloud projects for companies ranging from midsize to large corporates. Our clients benefit from multi-cloud expertise that guides best practices, preempts pitfalls, provides essential technical support and steers teams through cultural change. From strategy planning to application management, we take our customers through the whole cloud journey to drive real business outcomes from cloud technology. Learn more at www.nordcloud.com.

Nordcloud values diversity and is dedicated to providing equal opportunities for all candidates and employees.