Summary: We are looking for a Senior DevSecOps Engineer with a strong focus on Azure Security to ensure the security and compliance of our cloud infrastructure. The role involves developing security policies, integrating security into the CI/CD pipeline, and conducting security assessments. The position is fully remote and requires collaboration with various teams to enhance security practices. The successful candidate will undergo BPSS clearance.

Key Responsibilities:

• Develop and implement security policies, standards, and procedures for Azure cloud environments, ensuring compliance with industry regulations and best practices.
• Collaborate with development, operations, and security teams to integrate security controls and practices into the CI/CD pipeline and overall DevOps workflow.
• Conduct security assessments, vulnerability scanning, and penetration testing of Azure resources, applications, and infrastructure components.
• Monitor and analyze security logs, events, and alerts to identify potential security incidents and recommend appropriate mitigation strategies.
• Configure and manage security tools and technologies in Azure, such as Azure Security Center, Azure Sentinel, Azure Key Vault, and Azure Active Directory.
• Implement and maintain secure identity and access management (IAM) policies and controls for Azure resources, including role-based access control (RBAC) and multi-factor authentication (MFA).
• Collaborate with development teams to ensure secure coding practices and perform code reviews to identify and remediate security vulnerabilities.
• Provide guidance and support to development teams on implementing secure architecture and design principles for Azure-based applications and services.
• Stay up to date with the latest security threats, vulnerabilities, and industry trends related to Azure and cloud computing, and provide recommendations for enhancing security posture.

Key Skills:

• Minimum 7 years of relevant experience.
• Outstanding English communication, both verbal and non-verbal.
• Ability to review and provide input on the architecture of applications, systems, and networks for security best practices.
• Experience automating security processes and implementing security orchestration (e.g. Azure DevOps).
• Experience in designing and implementing secure and scalable architectures related to Application Development.
• Experience participating in agile development teams and integrating security into the development lifecycle.
• Familiarity with cloud security concepts and best practices in Azure.
• Familiarity with security scanning tools for code (e.g., Snyk) and infrastructure (e.g., Nessus).
• Familiarity with tools for automating security testing and compliance checks.
• In-depth knowledge of DevOps practices and tools (e.g., GitHub, Docker, etc).
• Proficiency in scripting and programming languages (e.g., Python, PowerShell, etc.)

Salary (Rate): undetermined

City: undetermined

Country: England

Working Arrangements: remote

IR35 Status: inside IR35

Seniority Level: Senior

Industry: IT