At a Glance
- Tasks: Secure and scale our infrastructure while leading DevOps workflows for clinical software.
- Company: Join a dynamic team at Skin Analytics, committed to innovation and diversity.
- Benefits: Enjoy competitive salary, share options, private healthcare, and 25 days annual leave.
- Why this job: Make a real impact in the healthcare tech space with cutting-edge security practices.
- Qualifications: Experience with AWS, CI/CD, and security tooling is essential.
- Other info: Collaborative environment with fun social activities and strong career growth opportunities.
The predicted salary is between £36,000 and £60,000 per year.
In this role you will lead the charge in securing and scaling our infrastructure and CI/CD pipelines for regulated clinical software. Working cross-functionally with engineering, QA, product, and regulatory teams, you’ll design, implement, and monitor secure, traceable DevOps workflows. You enable rapid, compliant delivery of Software as a Medical Device (SaMD) products. Please note: this role requires in-office presence for 3 days a week. Our office is in Farringdon, London. If you can’t commit to this, please don’t apply.
Responsibilities
- Own AWS infrastructure security using least‑privilege and zero‑trust principles
- Build and maintain secure CI/CD pipelines with automated security gates (Snyk, SonarQube, OWASP ZAP)
- Conduct and coordinate penetration testing (internal and third‑party); triage and drive remediation
- Deploy runtime threat detection (GuardDuty, Falco, Wazuh)
- Manage secrets detection and scanning (GitLeaks, Vault)
- Build observability with ELK stack, Elastic agents, and anomaly alerting
Success Metrics
- 3 months
- Deploy SAST tooling (SonarQube) across all repositories with automated PR scanning
- Implement DAST scanning (OWASP ZAP) for staging environments with scheduled scans
- Deploy secrets detection tooling (GitLeaks, TruffleHog) across all repositories
- Establish a baseline security posture through initial penetration test; document and prioritise remediation backlog
- Complete remediation of all critical/high findings from initial pen test
- Achieve automated security gate coverage (SAST, DAST, dependency scanning) across 100% of production services
- Implement full‑stack observability using the ELK stack with Elastic agents deployed across all infrastructure for centralised security and performance monitoring
- Configure anomaly detection dashboards and real‑time alerting for security events and reliability metrics
- Establish cadence of quarterly pen tests with trend reporting to leadership
Requirements
- AWS (EC2, S3, RDS, IAM, VPC, CloudTrail, GuardDuty, Lambda)
- CI/CD (Bitbucket Pipelines or similar), gated deployments
- Security tooling: Snyk, SonarQube, OWASP ZAP, Burp Suite, Kali Linux
- Pen testing coordination and vulnerability management
- Terraform, Ansible, Docker
- ELK stack / SIEM
- Compliance: IEC 62304, ISO 27001, HIPAA, MDR
- Strong networking: VPCs, security groups, NACLs, load balancers
Behaviours
- Takes ownership: full accountability for infra, tooling, and controls; sees it through to completion.
- Bias for automation: believes manual work should be temporary, builds repeatable pipelines and workflows.
- Detail obsessed: doesn’t miss the small stuff. Every commit, config, and policy matters in regulated software.
- Clear communicator: explains risks, trade‑offs, and technical plans to both engineers and non‑tech stakeholders.
- Collaborative & pragmatic: works well across disciplines and adapts to real‑world constraints.
Benefits
- Competitive salary
- Share options package – all our employees have ownership in the company
- Private healthcare
- 25 days annual leave (5-day company shutdown in August + bank holidays)
- Enhanced parental leave – includes adoption & foster
- Bike to work scheme
- Training budget
- Weekly catch‑ups, monthly meetings to talk about you, your ambitions and make plans
- Lots of fun social activities including company offsite!
Values
- Building a Strong Foundation
- Always Learning
- Lead from the Front
- Tough and Resilient
- The Real Stuff
Skin Analytics embraces and is committed to diversity and equal opportunities. We are dedicated to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
SecOps Engineer employer: Skin Analytics
Contact Detail:
Skin Analytics Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the SecOps Engineer role
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those already working at companies you're interested in. A friendly chat can open doors and give you insider info that could help you stand out.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repo showcasing your projects, especially those related to AWS, CI/CD, and security tools. This gives potential employers a tangible look at what you can do.
✨Tip Number 3
Prepare for interviews by brushing up on your technical knowledge and soft skills. Practice explaining complex concepts simply, as you'll need to communicate with both techies and non-techies alike.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive about their job search!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the SecOps Engineer role. Highlight your experience with AWS, CI/CD pipelines, and security tooling. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about securing infrastructure and how you can contribute to our mission at StudySmarter. Keep it concise but impactful.
Showcase Your Projects: If you've worked on relevant projects, don’t hold back! Share specific examples of how you've implemented security measures or automated processes. We love seeing real-world applications of your skills.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Skin Analytics
✨Know Your Tech Stack
Make sure you’re well-versed in the specific technologies mentioned in the job description, like AWS services and security tools. Brush up on your knowledge of CI/CD pipelines and how to implement security gates. Being able to discuss these confidently will show that you’re ready to hit the ground running.
✨Demonstrate Ownership
This role requires a strong sense of ownership, so be prepared to share examples from your past experiences where you took full accountability for projects. Highlight how you’ve seen things through to completion, especially in a regulated environment, as this will resonate with the interviewers.
✨Prepare for Technical Questions
Expect technical questions related to security principles like least-privilege and zero-trust. Be ready to explain how you would approach penetration testing and vulnerability management. Practising these scenarios can help you articulate your thought process clearly during the interview.
✨Show Your Collaborative Spirit
Since this role involves working cross-functionally, be ready to discuss how you’ve collaborated with different teams in the past. Share specific instances where you adapted your communication style to engage both technical and non-technical stakeholders effectively.