About This Role
Security Engineer - DevSecOps
We are seeking a highly skilled Security Engineer with strong software engineering foundations and deep expertise in secure development practices. The successful candidate will have hands-on experience with source code management, CI/CD pipelines, cloud-native environments, and secure code review processes. You will play a key role in identifying vulnerabilities, improving developer security practices, and embedding security into modern engineering workflows.
Required Skills & Experience
Technical Skills
* Expert-level knowledge of Git and modern version control workflows
* Strong frontend and backend development experience
* Hands-on application security experience in modern engineering environments
* Experience performing manual and automated secure code reviews
* Practical experience with Wiz Code
* Strong Python scripting and automation skills
* Experience with Kubernetes security and containerised environments
* Strong AWS cloud security knowledge
* Solid understanding of CI/CD pipelines and DevSecOps principles
* Familiarity with software engineering best practices and SDLC processes
Security Expertise
* Secure coding practices and vulnerability remediation
* OWASP Top 10 and common application security risks
* Static and dynamic application security testing concepts
* Secrets management and dependency security
* Threat modelling and risk analysis
Soft Skills
* Ability to communicate effectively with developers and engineering leadership
* Strong analytical and problem-solving skills
* Collaborative mindset with a pragmatic approach to security
* Ability to balance security requirements with engineering productivity
Preferred Qualifications
* Experience working in high-scale cloud-native environments
* Familiarity with Infrastructure as Code (Terraform, CloudFormation, etc.)
* Knowledge of container security and Kubernetes hardening
* Experience integrating security tools into developer workflows
Ideal Candidate Profile
You are someone who:
* Thinks like an engineer and understands developer challenges
* Can read, understand, and assess production-grade code
* Is comfortable working across security, infrastructure, and engineering teams
* Enjoy improving developer security practices through collaboration rather than gatekeeping
* Understands modern DevSecOps and cloud-native application architectures
:quality(80))
:quality(80))
:quality(80))