Lead DevSecOps Engineer

**Lead DevSecOps Engineer – 6 month initial contract – £650 per day (INSIDE IR35) – 2-3 days per week onsite (range of locations available)**

Security Clearance: Due to the nature of the work, an active SC clearance is required for this role.

We are looking for a Lead DevSecOps role to join a digital transformation programme. This position is responsible for ensuring that security is built into every part of the development lifecycle, specifically ensuring that security tooling (native and non-native) is properly embedded into CI/CD CI/CD pipelines. The role holder will be part of the transformation programmes including tech debt replacement and migration, embedding security to ensure seamless integration of new systems/ features and workflows.

The Lead DevSecOps role will be responsible for ensuring that the replacement systems are security compliant, adhering to standards such as Secure by Design and GovAssure, utilising a shift left mentality to fix problems before production. This is as part of highly complex legacy replacements involving approximately 90,000 users.

Essential skills and experience:

Strong hands-on expertise in DevSecOps practices, particularly security automation in CI/CD and infrastructure-as-code pipelines.
Deep understanding of modern DevOps tooling (e.g., GitHub Actions/ CircleCI, Terraform, Kubernetes, Docker) with secure configurations.
Experience implementing security controls in cloud-native environments (e.g., AWS or Azure) including IAM, network policies, and container security.
Proven track record of using tools such as Snyk, Trivy, Checkov, OPA/Gatekeeper/ OWASP ZAP, or similar to enforce pipeline and platform security.
Familiarity with compliance requirements (e.g., NIST, ISO 27001, CIS Benchmarks) and their implementation via code.
Ability to lead and mentor teams on secure coding, threat modelling, and secure architecture patterns.
Experience with monitoring, logging, and security telemetry platforms (e.g., Prometheus, Loki, ELK, XDR/SIEM integrations).