Connecting to LinkedIn...

DevSecOps Engineer

Job Title: DevSecOps Engineer
Contract Type: Permanent
Location: London, England
Industry:
Salary: £60000 - £65000 per annum
Start Date: TBC
REF: 15823/001_1564054164
Contact Name: Danny Sturgeon
Contact Email: danny.sturgeon@accessplc.com
Job Published: 3 months ago

Job Description

DevOps Engineer / DevSecOps / FinTech / Blockchain / London / circa £65,000 per annum DOE

Access IT Recruitment are working with one of the largest FinTech / Blockchain organisations in the world who are seeking a DevOps Engineer to be part of their engineering and security operations team.

As DevOps Engineer you will play a key role within a team who provide software engineering and cloud infrastructure support to cryptocurrency futures and indices businesses. You will become part of the Security Operations team and will contribute and learn across the full cloud engineering stack.

This role offers you the chance to develop your career in the flourishing DevSecOps domain and become "T-Shaped" individual. You'll be working alongside industry leaders in DevOps and Security, and alongside a team of talented microservices developers and true polyglots.

This is a dynamic role in a fast-changing business where you will be…

  • Building application security processes and pipelines to contribute to the Development team's move to true Continuous Delivery and Continuous Improvement;

  • Implementing "SAST" and "DAST" systems with the wider team

  • Deputising for the CISO and /or fulfilling DevOps responsibilities for the Development teams to cover absence, and to a certain extent capacity issues

  • Implementing secrets management for cloud applications as part of the organisations DevSecOps team

  • Working with the global team on Identity and Access Management projects and integration for Enterprise applications;

  • Relating business processes and requirements to controls and policies;

  • Becoming an active part of the on call and disaster recovery structures within Crypto Facilities;

Requirements - Administrative and Security

  • Work highly independently, with multiple stakeholders outside of the formal management structure;

  • Write good quality policies, procedures and technical documentation;

  • Nurture security awareness in the organisation, produce material to support this, and relate this to the current threat landscape;

  • Be familiar with risks introduced to organisation by third parties, and processes to mitigate these;

  • Take a risk-based approach to all facets of information security;

  • Have a "finger on the pulse" of current challenges and exploits in the ecosystem;

  • Be an active participant in a truly world class global security organisation

Requirements - Technical

  • Code (or script) in at least one modern application development or utility language;

  • Use Source Code Management and Document Management Systems to organize business function tasks and publish relevant material;

  • Be a competent Linux user;

  • Know how to build, run and deploy secure Docker containers;

  • Be aware of how containers and microservices are configured, and can be secured and orchestrated, in particular using Kubernetes;

  • Use open source tooling to programmatically test and verify the safety and integrity of bespoke software;

  • Analyse data sets and produce reports using basic tools (e.g. SQL, POSIX stream processing tools, spreadsheets, ODBC, Python);

  • Understand principles around secure Identity Management and Authentication;

  • Understand the implementation of secure messaging systems in the context of privacy awareness, including GPG and encrypted instant messaging;

  • Have a good basic comprehension of computer networks, the Internet, and supporting systems such as web servers and proxies;

  • Understand DNS, SSL/ TLS, and how traffic on IP networks establishes end-to-end security and trust.

Desirables

  • A degree from an accredited institution, or equivalent relevant experience alongside a good level of general education;

  • Optional: relevant and well-regarded certifications in cloud computing such as CKA (Certified Kubernetes Administrator), AWS Professional or Specialty levels, Google Professional level;

  • Optional: advanced security accreditation such as CISSP, OSCP, CASP, Security+.

For a confidential discussion and further details on the role, please apply via the details provided