DevSecOps Engineer, London/Remote, £85,000-£90,000 per annum

About the client

Our product is all about collaboration and innovation. So are our people. We're a small team, but we've got a big vision: to build a brand-new infrastructure for operational risk management. It's not easy. We're redefining the way some of the world's biggest financial services companies and banks work with data. There are a lot of challenges - but a lot of opportunities to think and act creatively, too.

The role

Working alongside the CTO, you will ensure the security and development scalability of our fintech solution. You will be supporting the implementation and ongoing management of information security and DevOps practices.

Main duties

• Work with stakeholders to define information security activities and agree execution responsibilities.
• Own information security tools and processes producing required evidence for compliance.
• Identify and mitigate security vulnerabilities, implementing robust security measures in alignment with industry best practices and regulatory requirements.
• Ensure all security issues with code are remediated within timeframes, depending on criticality by liaising with internal teams.
• Respond to client and internal stakeholder enquiries about data and information security.
• Create and utilise incident response plans and procedures to minimize system downtime and data breaches.
• Work on implementation, and maintenance of scalable and secure infrastructure, utilising best practices and automation.
• Create and maintain CI/CD pipelines to facilitate rapid software releases.
• Collaborate with all teams to ensure adherence to data protection and privacy regulations.
• Work on automation of deployment, configuration management, and monitoring processes to streamline operations and reduce manual intervention.
• Monitor system health, performance, and security, taking proactive measures to address issues.

Requirements

• Relevant experience in information security role.
• In-depth knowledge of security principles, standards and best practices.
• Experience with security technologies and tools.
• Knowledge of regulatory requirements related to information security (eg, GDPR, ISO 27001).
• Understanding of DevOps principles and practices.
• Experience in cloud computing platforms (eg, AWS, Azure, GCP).
• Proficiency in infrastructure as code (IaC) and configuration management tools.
• Proactive approach
• Excellent problem-solving and decision-making abilities.
• Strong communication and collaboration skills.