DevSecOps (contract) - Cyber
Worcester, England, United Kingdom
Full Time Contract Senior-level / Expert Clearance required GBP 70K - 131K *
Methods
Delivering end-to-end business & technical solutions that are people-centred, safe, & designed for the future.
Methods Business and Digital Technology Limited
Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.
Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.
We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.
Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.
Methods was acquired by the Alten Group in early 2022.
Methods is currently recruiting for a DevSecOps Engineer (Cyber) Consultant to join our team on a permanent basis. This role will be based on-site
Requirements
- Specialised in cloud management of platforms, applications, data and supporting infrastructure in the capacity of a system administrator of either the AWS or Azure platform
- Developing automation to support continuous delivery of changes using technologies on the Azure platform.
- Developing infrastructure as a service configuration to automate the creation of infrastructure and platforms to host test and production systems
- Building and setting up new development tools and infrastructure
- Understanding the needs of stakeholders and conveying this to developers
- Working on ways to automate and improve development and release processes
- Testing and examining code written by others and analysing results
- Ensuring that systems are safe and secure against cybersecurity threats
- Familiar with the NCSC secure design principles
- Familiar with managing security of cloud platforms, including administration of secrets, tokens and certificates.
- Working with Architects, Data and Software Engineers to ensure that development follows established processes and works as intended
- Planning out projects and being involved in project management decisions
- Responsible for the design, security, and maintenance of cloud infrastructure
- Making and guiding effective decisions, explaining clearly how the decision has been reached with the ability to understand and resolve technical disputes across varying levels of complexity and risk.
- Communicating effectively across organisational, technical and political boundaries to understand the context and how to make complex and technical information and language simple and accessible for non-technical audiences.
- Understanding of how to expose data from systems (for example, through APIs), link data from multiple systems and deliver streaming services.
- Ensuring that risks associated with deployment are adequately understood and documented.
- Ideal Candidates will demonstrate:
- Experience working across cyber security teams would be beneficial
- Solid infrastructure design experience for both on-prem and cloud, to implement or migrate applications and databases to Azure.
- Solid experience in a range of technologies and be able to make assessments as to what is best to be used for the projects and the organisation. As well as suggest and develop innovative approaches within constrained projects and environments.
- Strong experience in software development, change / release management processes, and technical governance to fully understand the typical lifecycle and maintenance of live systems.
- Ability to work with containerization platforms such as Kubernetes, PKS, Docker; cloud provisioning software, including Ansible, Terraform, Azure blueprints, ARM templates; and application performance analysis and monitoring
- Experience of functional and non-functional testing including automated deployment experience of applications and databases.
- Understanding of the government digital service manual and standards across Discovery/Alpha/Beta/Live phases.
- Understanding of SaaS, PaaS, IaaS technologies and the implications of their use compared with bespoke development.
- Being able to provide training, support and mentoring to the wider business
- Knowledge of how to ensure that risks associated with deployment are adequately understood and documented.
Desirable Skills & Experience:
- Worked as part of a system support team, managing live systems and triaging & resolving incidents to resolution including management of known defects and issues.
- Worked as part of multi-disciplinary project team.
- Experience with Terraform to deploy cloud infrastructure in Azure
- Experience with Azure DevOps and GitHub Actions to automate the build and deploy of containerised applications
- Experience implementing effective instrumentation to monitor applications
- Experience implementing SAST and DAST tooling in deployment pipelines like Trivvy and SonarQube
- Experience of both AWS and Azure Dev Ops tooling.
This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected . Details of this will be discussed with you at interview.
Benefits
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible APIs Automation AWS Azure Clearance Cloud DAST DevOps DevSecOps Docker GitHub Governance IaaS Kubernetes Monitoring PaaS SaaS SAST Security Clearance SonarQube Terraform
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs