As a DevSecOps Consultant, you will support the design, implementation, and operation of secure, scalable cloud environments and modern software delivery practices within AWS environments. Working alongside senior engineers and architects, you will help embed security throughout the software development lifecycle while leveraging automation and emerging AI-enabled capabilities to improve delivery efficiency and operational resilience.
This role offers exposure across cloud engineering, DevSecOps, infrastructure automation, and security engineering within enterprise environments. You will gain hands-on experience building CI/CD pipelines, implementing Infrastructure as Code (IaC), supporting cloud security initiatives, and enabling secure delivery practices within agile teams.
The role combines:
- Cloud-native DevSecOps (AWS-first)
- Security engineering and compliance
- Automation and observability
- Exposure to AI-enabled engineering practices
Key Responsibilities
- Support the implementation and maintenance of CI/CD pipelines incorporating automated testing and security controls.
- Assist in building and managing Infrastructure as Code (IaC) using tools such as Terraform and CloudFormation.
- Contribute to the adoption of DevSecOps practices across the SDLC, including SAST, DAST, dependency scanning, and secrets management.
- Support the configuration and maintenance of secure AWS environments, including IAM policies, VPC configurations, encryption mechanisms, and access controls.
- Assist with the deployment and operation of containerised and serverless workloads using services such as ECS, EKS, and Lambda.
- Monitor applications and infrastructure using logging, alerting, and observability tools to support reliability and incident response.
- Participate in deployment activities and support automated release strategies, including rollback procedures and environment promotion processes.
- Assist with integrating automation and AI-enabled tooling into engineering workflows where appropriate.
- Support compliance initiatives by helping maintain controls aligned to organisational and regulatory requirements.
- Collaborate closely with developers, architects, security teams, and other stakeholders to enable secure and efficient software delivery.
- Contribute to documentation, operational runbooks, and knowledge-sharing activities.
Skills and Experience Required
- Up to 3 years of hands-on experience in DevOps, Cloud Engineering, Platform Engineering, Site Reliability Engineering (SRE), or DevSecOps-related roles.
- Foundational understanding of CI/CD concepts and experience working with pipeline tools such as GitHub Actions, GitLab CI, Jenkins, or similar platforms.
- Exposure to Infrastructure as Code (IaC) practices using Terraform, CloudFormation, or equivalent technologies.
- Familiarity with containerisation technologies such as Docker and basic understanding of Kubernetes concepts.
- Understanding of AWS cloud services and core security principles, including identity and access management.
- Experience developing scripts or automation using Python, Bash, Shell, or similar scripting languages.
- Knowledge of secure software development practices and common security vulnerabilities.
- Understanding of agile delivery methodologies and collaborative software development practices.
- Strong analytical, problem-solving, and communication skills.
- Demonstrated willingness to learn and adapt within fast-paced delivery environments.
AWS and Infrastructure Experience
Exposure to some of the following AWS services and capabilities is expected:
Compute
Containers
Storage
Networking
Identity and Security
Monitoring and Logging
Candidates should also have exposure to:
- Infrastructure provisioning and automation practices.
- Supporting multiple development, testing, and production environments.
- Working with CI/CD tooling to automate software delivery processes.
- Troubleshooting cloud infrastructure and deployment issues.
Security and Compliance
Exposure to one or more of the following areas would be advantageous:
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Software Composition Analysis (SCA)
- Container vulnerability scanning
- Secrets management practices
- OWASP Top 10 awareness
- CIS Benchmarks
- Basic understanding of governance, risk, compliance, and audit requirements
Good to Have
- Exposure to AWS AI and machine learning services such as Bedrock or SageMaker.
- Awareness of MLOps or LLMOps concepts and workflows.
- Familiarity with GitOps practices and deployment automation frameworks.
- Experience using AI-assisted engineering tools or developer productivity solutions.
- Understanding of cloud cost optimisation and FinOps principles.
- Exposure to regulated industries such as government, healthcare, banking, or financial services.
What We're Looking For
- We are seeking a motivated engineer with a strong foundation in cloud and DevOps practices who is eager to deepen their expertise in DevSecOps and secure software delivery. The ideal candidate is hands-on, collaborative, and passionate about continuous learning, automation, and building secure systems that enable high-quality digital delivery.
