DevSecOps Engineer - ONSITE

Job: DevSecOps Engineer (Debden IG10) - ONSITE

Mon-Fri onsite in Debden IG10

Offices a 5 mins walk from Debden tube station (Central line)

Salary to approx. £90k + pension + health

Free onsite gym & parking

Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid or remote working is not available.

Company

Established in 2009 and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8/5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender.

Role

This company is seeking an experienced DevSecOps Engineer for an initial 6-month contract in a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response.

This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background in cloud security best practices, automation, and a proactive approach to integrating security across their software delivery lifecycle.

A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response.

Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture.

Responsibilities

Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring adherence to security best practices by developing, maintaining, and optimizing Terraform code.

DevOps Pipeline Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines with security embedded at every stage.

Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring.

Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime.

Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS).

Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks.

PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance.

DNS Security: Implement and monitor DNS security solutions to prevent cyber threats.

Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner

Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling.

Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation.

Collaboration & Mentoring: Support and upskill an internal engineer, ensuring long-term knowledge transfer and security expertise.

Liaising with Third-Party Support Partners: Work closely with external security providers, vendors, and consultants to coordinate security solutions, manage incident response processes, and ensure best practices align with organizational security strategy.

Documentation & Handover: Ensure detailed documentation and knowledge transfer for post-contract continuity.

Required

Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel.

Proven experience in SOAR technologies for security automation and response orchestration.

Hands-on experience with penetration testing, vulnerability assessments, and security scanning.

Experience implementing and managing WAF, IPS, and DNS security solutions.

Extensive experience with Terraform for IaC security automation.

Knowledge of DevOps pipelines (CI/CD) and security hardening.

Deep understanding of PCI DSS compliance, security frameworks, and audit processes.

Familiarity with SIEM solutions, security orchestration platforms, and log management.

Strong experience with incident response planning, threat detection, and mitigation.

Ability to define security policies, procedures, and structured action plans for compliance and risk management.

Proficiency in scripting languages (Python, Bash, PowerShell) for security automation.

Strong interpersonal skills to mentor and train internal engineers while working effectively in an office environment.

Experience working with third-party support partners, vendors, and security consultants to manage external security operations.

Desirable

Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent.

Experience with container security (Docker, Kubernetes).

Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks.

Familiarity with Zero Trust security principles.

Other Stuff

Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid or remote working is not available.

NB: for non-UK Citizens: we cannot accept applications from anyone requiring sponsorship (now or in the future) for UK permanent employment status. If you are utilising a work visa this must allow you to work in the UK unrestricted for at least the next 5 years.

In accordance with GDPR by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29s privacy policy can be found at: profile-29 .com/privacy)

Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London

JBRP1_UKTJ