
DevSecOps Engineer

Profile 29
Posted a day ago, valid for a month
Location

Loughton, Essex IG10, England

Salary

£500 - £700 per day

Contract type

Full Time

In order to submit this application, a TotalJobs account will be created for you. As such, in addition to applying for this job, you will be signed up to all TotalJobs’ services as part of the process. By submitting this application, you agree to TotalJobs’ Terms and Conditions and acknowledge that your personal data will be transferred to TotalJobs and processed by them in accordance with their Privacy Policy.

Sonic Summary

  • The company is seeking a DevSecOps Engineer for a 6-month contract based in Debden IG10, requiring onsite work Monday to Friday.
  • The role offers a competitive rate of up to £700 per day and includes benefits like a free onsite gym and parking.
  • Candidates should have strong expertise in Azure cloud security, experience with Terraform, and a background in security automation and incident response.
  • A minimum of several years of relevant experience in cloud security and DevOps practices is required, along with proficiency in scripting languages for automation.
  • Ideal candidates will also possess certifications such as Azure Security Engineer Associate or CISSP and should be prepared to mentor internal engineers.

Job: DevSecOps Engineer (Debden IG10)

Mon-Fri onsite in Debden IG10

Offices a 5-minute walk from Debden tube station (Central line)

Rate to £700 per day (direct contract with the client) for 6 months

Free onsite gym & parking

Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid or remote working is not available.

Company

Established in 2009 and regulated by the FCA, this multi-award-winning finance & credit company has a proven track record for customer and employee satisfaction. With a Trustpilot rating of 4.8/5 and over 33,500 combined online reviews, they pride themselves on their customer service and their duty as a responsible lender.

Role

This company is seeking an experienced DevSecOps Engineer for an initial 6-month contract in a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing, and incident response.

This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will have a strong background in cloud security best practices, automation, and a proactive approach to integrating security across their software delivery lifecycle.

A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response.

Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture.

Responsibilities

Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring adherence to security best practices by developing, maintaining, and optimizing Terraform code.

DevOps Pipeline Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines with security embedded at every stage.

Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring.

Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime.

Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS).

Vulnerability & Penetration Testing: Review penetration testing, vulnerability assessments, and security scanning to proactively identify and remediate risks.

PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance.

DNS Security: Implement and monitor DNS security solutions to prevent cyber threats.

Incident Response: Formulate and document a solid process utilising a third-party support partner.

Security Monitoring & Logging: Develop SIEM solutions, logging strategies, and real-time threat intelligence. Monitor, audit, and improve infrastructure security posture using automated tooling.

Policy & Procedures: Define and enforce security policies, incident response strategies, and structured action plans for proactive risk mitigation.

Collaboration & Mentoring: Support and upskill an internal engineer, ensuring long-term knowledge transfer and security expertise.

Liaising with Third-Party Support Partners: Work closely with external security providers, vendors, and consultants to coordinate security solutions, manage incident response processes, and ensure best practices align with organizational security strategy.

Documentation & Handover: Ensure detailed documentation and knowledge transfer for post-contract continuity.

Required

Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel.

Proven experience in SOAR technologies for security automation and response orchestration.

Hands-on experience with penetration testing, vulnerability assessments, and security scanning.

Experience implementing and managing WAF, IPS, and DNS security solutions.

Extensive experience with Terraform for IaC security automation.

Knowledge of DevOps pipelines (CI/CD) and security hardening.

Deep understanding of PCI DSS compliance, security frameworks, and audit processes.

Familiarity with SIEM solutions, security orchestration platforms, and log management.

Strong experience with incident response planning, threat detection, and mitigation.

Ability to define security policies, procedures, and structured action plans for compliance and risk management.

Proficiency in scripting languages (Python, Bash, PowerShell) for security automation.

Strong interpersonal skills to mentor and train internal engineers while working effectively in an office environment.

Experience working with third-party support partners, vendors, and security consultants to manage external security operations.

Desirable

Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent.

Experience with container security (Docker, Kubernetes).

Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks.

Familiarity with Zero Trust security principles.

Other Stuff

Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid or remote working is not available.


In accordance with GDPR, by applying you give Profile 29 consent to use your data for recruitment purposes only (details of Profile 29's privacy policy can be found at: profile-29.com/privacy)

