DevSecOps Engineer in Swindon

The DevSecOps Engineer is responsible for designing, implementing, and maintaining efficient DevOps workflows to support continuous integration, continuous deployment, and infrastructure automation. This role bridges the gap between development and operations teams, ensuring seamless collaboration, reliable delivery, and scalable infrastructure. The DevSecOps Engineer plays a critical role in automating processes, optimising performance, and maintaining high availability in modern environments.

Key Accountabilities / Responsibilities

• Develop, own and manage secure CI/CD pipelines to automate the build, test (including SAST & secret scanning, etc), and deployment processes using tools like Jenkins, GitHub Actions, or GitLab CI.
• Author reusable Terraform modules and Ansible roles to automate the provisioning and management of resources.
• Implement robust monitoring and alerting solutions using tools like Prometheus, Grafana, or ELK Stack, focusing on anomaly detection and incident response.
• Automate routine tasks such as system updates, backups, and resource provisioning to improve efficiency.
• Contribute within the ITIL functions of the business acting as an escalation point to the Prolinx service desk for incidents and requests when needed.
• Monitor and resolve vulnerabilities of deployments ensuring security and reliability of products.
• Own the configuration, lifecycle, and operational health of the engineering toolchain (Terraform Enterprise, Ansible Automation Platform, Jira, ServiceNow, et al.) to guarantee reliability and developer velocity.
• Document DevOps processes, workflows, and best practices to facilitate knowledge sharing and team alignment.
• Collaborate with development and operations teams to integrate DevOps best practices into the development lifecycle.
• Participate in an on-call scheme.
• Adhere to Prolinx engineering principles and standards.
• Demonstrate and work in line with the core values of Prolinx which will be taken into consideration for this role (i.e., performance management).
• Adhere to Prolinx Security Policies in all practices to ensure our continued compliance with the Secure by Design Principles.

Essential Qualifications

• Working knowledge of Linux operating systems.
• A history of implementing and managing infrastructure as code (IAC) solutions using Terraform and Ansible.
• Insight into the deployment of containers using orchestration tools.
• An interest in coding/scripting languages (ideally Python, Go, JavaScript).
• Experience working in on-premise environments, with an understanding of networking and virtualisation systems.
• Passionate about automation and continuous improvement.
• An understanding of working in environments based on agile frameworks.
• Communication and collaboration skills to work effectively with cross‐functional teams.

Desirable Qualifications

• In Depth knowledge of Linux operating systems (preferably RHEL).
• Working knowledge of container orchestration on Kubernetes.
• Experience of writing code/scripts (Ideally Python/Go/Javascript).
• Previous history in the design and implementation of CI/CD pipelines with a focus on product security.
• A history of creating dashboards and monitoring solutions using Prometheus, Grafana, and the ELK stack.

Employment Conditions

• Compliance with Company Policies, Procedures and Rules.
• A condition of Employment as an Employee shall be, at all times, to comply with all Policies, Procedures and Rules of the Company, which include, but are not limited to: the Prolinx Integrated Management System (IMS) Manual, Prolinx Information Security Management System (ISMS) Manual and includes all Policies, Procedures and Rules specified in the Company's Employee Handbook.

Equal Opportunities

Prolinx does not discriminate on the basis of race, religion, colour, sex, age, disability or sexual orientation. All recruitment decisions are based solely on qualifications, skills, knowledge and experience and relevant business requirements. The Job Holder will understand the regulatory, fair trading and competition rules relating to their work sufficiently to be able to comply with them, relying on their knowledge or on their ability to recognise that they will need specialist support. The Job Holder will actively support at all times company policy and best practice in the area of security, with particular emphasis on the protection of sensitive customer information. This includes the Security requirements of our customers.