DevSecOps Developer

We don't just believe in better. We make it happen. Working in Tech, Product or Data at the company is about building the next and the new. From broadband to broadcast, streaming to mobile, we never stand still. We optimise and innovate. We turn big ideas into the products, content and services millions of people love.

Role/ Team overview

The AppSec Tooling team at the company is responsible for enabling secure software development practices across the organisation. We build and operate platforms that support penetration testing activities, including the scheduling, organisation, and management of testing engagements, as well as capabilities for threat modelling, security reporting, and vulnerability remediation. This is an exciting opportunity to join the AppSec Tooling function at the company as we continue to scale our platforms and services. We are expanding our UK-based capability to ensure software security is embedded by default across the company's engineering estate.

This role requires strong hands-on software security knowledge, the ability to investigate and respond to application-level security vulnerabilities and incidents, and the confidence to influence engineering teams toward secure-by-design outcomes at scale.

What you’ll do

• Work closely with software engineering, platform, and DevOps teams to embed security into the end-to-end software delivery lifecycle across AWS-based environments.
• Support and guide the secure development of cloud-native applications, APIs, and backend services using technologies such as Python, JavaScript, and PHP.
• Provide practical guidance on secure application design, authentication, access control, secrets management, and resilient cloud architectures.
• Integrate security, testing, and automation controls into CI/CD pipelines and development workflows while maintaining a strong developer experience.
• Contribute to the development and maintenance of infrastructure as code, cloud automation, and scalable platform capabilities within AWS environments.
• Drive the adoption of engineering guardrails, reusable security patterns, and automation that enable teams to deliver securely and efficiently at scale.
• Support the identification, investigation, triage, and remediation of application and platform vulnerabilities in collaboration with engineering teams.
• Contribute to security incident response activities, including root cause analysis, remediation support, and continuous improvement initiatives.
• Work with platform and engineering teams to improve monitoring, logging, alerting, and observability practices across distributed systems.
• Promote a positive engineering and security culture through coaching, collaboration, knowledge sharing, and day-to-day engagement with development teams.

What you’ll bring

• Strong understanding of modern software engineering practices, secure development principles, and common application security risks.
• Experience developing and supporting cloud-native applications using Python, JavaScript, and/or PHP within AWS-based environments.
• Familiarity with designing and integrating RESTful APIs, backend services, and event-driven architectures.
• Experience integrating security, testing, and automation controls into CI/CD pipelines and software delivery workflows.
• Hands-on experience with infrastructure as code and cloud automation to provision and manage scalable AWS environments.
• Experience working with containerised applications and modern platform technologies in distributed systems.
• Understanding of secure authentication, access control, secrets management, and security best practices in cloud environments.
• Experience implementing monitoring, logging, alerting, and observability practices for operational resilience and troubleshooting.
• Ability to investigate, triage, and help remediate application and platform security issues in collaboration with engineering teams.
• Strong problem-solving, collaboration, and communication skills, with the ability to work effectively across engineering, platform, and security teams in fast-paced environments.

Benefits and perks

• Free the company TV or NOW package, including the company Sports and the company Cinema.
• Pension package with up to 9% employer contribution.
• Private healthcare with mental health support.
• Aviva Digital GP and dental insurance.
• Discounts on the company products, including the company Mobile, the company Broadband, the company Glass and the company Protect.
• Sharesave and Tech schemes.
• A range of the company VIP rewards and experiences.

How you’ll work

At the company, we want to be a community that thrives by being together. Flexible working remains a key part of that. We want our people to have the best of both worlds – time working at home, as well as time in the office. The hybrid working expectations for this role are 2 days in the office per week.

Your office base: Osterley. Our Osterley Campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Gunnersbury, Ealing Broadway and South Ealing tube stations. There's also plenty of bike shelters and showers. On campus, you'll find 13 subsidised restaurants, cafes, and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed and even get pampered at our beauty salon.

Who we are

We're the company, a leading media and entertainment company who connect millions with entertainment, sports, news and arts through innovative products and services. Working with us means you'll be bringing the joy of a better experience to more people, every day. All so we can do better and deliver better for our customers, colleagues and society.

We’re an equal opportunity employer and value diversity at our company. We’re a Disability Confident Accredited Employer, and welcome and encourage applications from all candidates. We will look to ensure a fair and consistent experience for all and will make reasonable adjustments to support you where appropriate. Please flag any adjustments you need as early as you can.

Just so you know: if your application is successful, we’ll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer. To be eligible for this role you are required to have the appropriate right to work in the UK. Please be aware the company does not offer sponsorship for this position.

To find out more about working with us, search #LifeAtSky on social media.