DevSecOps Engineer
Centellic · London, ENG, United Kingdom · Remote
Remuneration
Not specified
Location
London, ENG, United Kingdom
Visa sponsorship
Not specified
Job summary
As a DevSecOps Engineer at Centellic, you will be responsible for securing cloud-hosted infrastructure, applications, and CI/CD pipelines by embedding security best practices throughout the software delivery lifecycle. You will work across Azure Kubernetes Service (AKS), Azure Virtual Machines, networking components, and application workloads to protect systems from vulnerabilities and emerging threats. This role involves collaborating with various teams, automating security controls, and contributing to the continuous improvement of cloud security posture.
Benefits
- Eye care
- Employee Assistance Programme
- Birthday day off
- Pension (4% employer contribution, 4% employee contribution)
- Life assurance
- Cycle to work scheme
- Season ticket loan
- 350 annual wellbeing allowance
- Puregym access
- Perks at work platform access
- Private healthcare
- Company socials
- Access to Employee Affinity Networks
- Mentoring scheme
- Volunteering Day
- Mortgage Advice
- Work from anywhere (2 weeks)
- Generous parental leave
Qualifications
- Strong ability to diagnose and resolve complex cloud and security issues across infrastructure, applications, and DevOps tooling.
- Ability to translate security requirements into practical engineering tasks.
- Clear communicator able to explain security concepts to non-security stakeholders.
- Works calmly under pressure with strong time-management skills.
- Curious, proactive, and able to independently identify improvements.
- Knowledge of security best practices for Azure, including networking, RBAC, managed identities, logging, and monitoring.
- Expertise in Kubernetes security: network policies, Pod Security Standards, RBAC, image security, secrets, ingress security, and high-availability configurations.
- Proficiency in Terraform and Terraform-security concepts (policies, modules, scanning tools).
- Experience with Azure DevOps CI/CD, including YAML pipelines, secure build pipelines, artifact management, and release governance.
- Knowledge of container technologies: container hardening, image optimization, multi-stage builds, secure base image selection.
- Experience with Trivy (or similar), dependency scanning, and SAST/DAST tools.
- Scripting skills with Python, Bash, or PowerShell for automation.
- Proficiency in Git and branching strategies with a security-focused approach.
- Knowledge of WAF, API security, OWASP Top 10, and common cloud-security frameworks.
- Experience with WAF rules management, including creation, tuning, and monitoring.
- Knowledge of SSL/TLS configuration best practices and certificate lifecycle management.
- Experience with Cloudflare security features including WAF, SSL, and Zero Trust options.
Responsibilities
- Ensure the security of cloud-hosted infrastructure, applications, and CI/CD pipelines.
- Embed security best practices throughout the software delivery lifecycle.
- Enable development and cloud engineering teams to build, deploy, and operate secure, scalable, and resilient systems.
- Work across Azure Kubernetes Service (AKS), Azure Virtual Machines, networking components, and application workloads to protect systems from vulnerabilities, misconfigurations, and emerging threats.
- Champion secure-by-design principles.
- Automate security controls.
- Maintain strong monitoring and incident response practices.
- Collaborate with Development, Cloud Engineering, and Product teams to embed security into cloud and application architectures.
- Provide guidance on secure design patterns and technical security recommendations.
- Support colleagues in understanding secure engineering principles and emerging threats.
- Enhance and maintain secure Infrastructure as Code (IaC) using Terraform, ensuring compliance with internal policies and standards.
- Embed automated security checks into Azure DevOps CI/CD pipelines, including static analysis, dependency scanning, and IaC scanning.
- Ensure Kubernetes workloads follow best practices: RBAC, network policies, secrets management, image security, and ingress protections.
- Support secure configuration of Azure VMs hosting legacy or specialized products.
- Operate and enhance container vulnerability scanning.
- Monitor CVEs relevant to Centellic’s stack and coordinate remediation activities with engineering teams.
- Perform regular reviews of Terraform modules, container images, Helm charts, and AKS configurations to identify misconfigurations and risks.
- Work with monitoring tooling (e.g., Datadog or Azure Monitor) to detect anomalous or suspicious activity.
- Maintain alerting rules, dashboards, and security signals supporting rapid detection and response.
- Participate in incident response, including root-cause analysis and post-incident improvements.
Skills
AKS, Azure, Azure DevOps, Azure Key Vault, Azure Monitor, Bash, Cloudflare, Datadog, Git, Helm, Kubernetes, PowerShell, Python, Terraform, Trivy, Vault
Relocation
No