SonicJobs Logo
Login
Left arrow iconBack to search
  1. Home
  2. Loughton, Essex
  3. DevSecOps Engineer

DevSecOps Engineer

Profile 29
Posted 3 days ago, valid for 16 days
Location

Loughton, Essex IG10 1EZ, England

Contract type

Full Time

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

info
  • The company is seeking an experienced DevSecOps Engineer for a 6-month onsite contract in Debden IG10, with a daily rate of up to £700.
  • Candidates must have strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel, along with extensive experience in Terraform for IaC security automation.
  • The role involves creating a business strategy for securing Azure infrastructure, integrating security automation, and ensuring PCI DSS compliance.
  • Applicants should have a deep understanding of incident response planning and threat detection, as well as the ability to mentor internal engineers.
  • Hybrid or remote working is not available, and candidates must be able to work onsite from Monday to Friday.

Job: DevSecOps Engineer (Debden IG10)

• Mon-Fri onsite in Debden IG10

• Offices a 5 mins walk from Debden tube station (Central line)

• Rate to £700 per day (direct contract with the client) for 6 months

• Free onsite gym & parking

Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid or remote working is not available.

Company

Established in 2009 and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8/5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender.

Role

This company is seeking an experienced DevSecOps Engineer for an initial 6-month contract in a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response.

This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background in cloud security best practices, automation, and a proactive approach to integrating security across their software delivery lifecycle.

A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response.

Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture.

Responsibilities

Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring adherence to security best practices by developing, maintaining, and optimizing Terraform code.

DevOps Pipeline Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines with security embedded at every stage.

Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring.

Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime.

Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS).

Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks.

PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance.

DNS Security: Implement and monitor DNS security solutions to prevent cyber threats.

Incident Response: Formulating and documenting a solid process utilising a 3rd party support partner

Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling.

Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation.

Collaboration & Mentoring: Support and upskill an internal engineer, ensuring long-term knowledge transfer and security expertise.

Liaising with Third-Party Support Partners: Work closely with external security providers, vendors, and consultants to coordinate security solutions, manage incident response processes, and ensure best practices align with organizational security strategy.

Documentation & Handover: Ensure detailed documentation and knowledge transfer for post-contract continuity.

Required

Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel.

Proven experience in SOAR technologies for security automation and response orchestration.

Hands-on experience with penetration testing, vulnerability assessments, and security scanning.

Experience implementing and managing WAF, IPS, and DNS security solutions.

Extensive experience with Terraform for IaC security automation.

Knowledge of DevOps pipelines (CI/CD) and security hardening.

Deep understanding of PCI DSS compliance, security frameworks, and audit processes.

Familiarity with SIEM solutions, security orchestration platforms, and log management.

Strong experience with incident response planning, threat detection, and mitigation.

Ability to define security policies, procedures, and structured action plans for compliance and risk management.

Proficiency in scripting languages (Python, Bash, PowerShell) for security automation.

Strong interpersonal skills to mentor and train internal engineers while working effectively in an office environment.

Experience working with third-party support partners, vendors, and security consultants to manage external security operations.

Desirable

Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent.

Experience with container security (Docker, Kubernetes).

Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks.

Familiarity with Zero Trust security principles.

Other Stuff

Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid or remote working is not available.

Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London freelance contract

Apply now in a few quick clicks

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2025 SonicJobs App Ltd. All rights reserved

Terms & Conditions | Privacy Policy | Browse Jobs