DevSecOps Practitioner

Job Description

We are expanding our Cyber Security offer and have exciting opportunities for all cyber security experts to come and join the UKs leading independent IT consultancyAbout UsWere an award-winning innovative tech consultancy - a team of creative problem solvers. Since 1993 weve been finding better, more sustainable ways to solve complex technology problems for some of the worlds leading organisations and delivered solutionsthat millions of people use every day.In the last 30 years we won several awards, including a prestigious Queens Award for Enterprise in the Innovation category for our Enterprise Agile delivery approach.Operating from 26 locations across the world, we bring together teams of creative experts with diverse backgrounds and experiences, who enjoy working and learning in our collaborative and open culture and are committed to world-class delivery.We want to continue to grow our team with people just like you!About the RoleWere looking to hire a hands-on DevSecOps practitioner, someone with an understanding of Cloud and a strong background in security architectures and solutions.Youre a technologist who sets direction for others, comfortable leading teams of other highly experienced technologists and keenly aware of changes to the landscape. You are hands-on, recently or currently from a development or technical architecture background,relishing being involved in the thick of project delivery. You will be equally comfortable working with technology and people, clients and colleagues alike and be seen as a natural decision maker.You will devise ways to do things better, drive forward change, learn and explore new technologies. You will be interested in sharing our knowledge with others, internal and external.Youll work in a fast moving, agile environment, within multi-disciplinary teams, delivering advanced technology solution to a range of clients across the globe. You will enjoy mentoring and possibly leading a team to deliver quality outcomes.Youll get to work with some of the brightest and best in the industry on some of the most exciting digital programmes around. Not only will this experience allow you to develop your skills, but youll also learn new techniques and refine your interests.You will actively engage other disciplines to improve the understanding and effectiveness of how we work together to build better solutions. BJSS emphasises collaboration across disciplines. BJSS champions a culture where everyone works together, owningand resolving challenges as a team.This role would suit an experienced candidate in a similar, security focussed role (Cyber, IT Security, DevOps, SOC Analyst, Cyber Engineer, SIEM Engineer etc), who is looking to progress their career in a forward-thinking cloud-first organisation.Some of the Responsibilities include:

• Hands on and able to Work with blended team to deliver DevSecOps services to clients
• A thought leader in DevOps, Security and Engineering and able and willing to provide a point of view on DevSecOps to clients
• Able to advise a range of partners across diverse business and technology communities
• A technology leader able to set direction for clients and BJSS
• Champion of new tools and techniques
• Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends

Experience Required for the role

• Solid experience in a similar technical Cyber/IT Security/InfoSec based role (e.g., SOC Analyst, Cyber Engineer, SIEM Engineer)
• Deliver security automation in CI/CD pipelines
• Solid experience in Platform engineering & DevOps techniques
• Experience in agile delivery
• Detailed knowledge of Infrastructure as Code tools and config management tools
• Experience with security tool sets (SIEM, EDR, NDR, Packet Capture / Analysis, etc.)
• The ability to contextualise, categorise and prioritise security events, incidents, and alerts
• Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc)
• Apply novel techniques for automating DAST, SAST and SCA tools along with security testing frameworks
• Hands-on experience with network security tooling
• A strong background in observability, logging and metrics aggregation along with SIEM tools
• Experience with Disaster Recovery design
• Some knowledge of common programming languages to provide application security support
• Understand the whole lifecycle including analysis, enterprise development, build & deployment, and support
• Thorough understanding of adversarial tactics, techniques, and procedures
• Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour

About YouTo be qualified for this role, you should hold a degree in a relevant field, like Cyber Security, Computer Science, IT or Software Engineering or the equivalent level of experience. An understanding of Microsoft, AWS or GCP technologies. If youre naturallyinquisitive, a helper, enjoy assisting people with software or infrastructure issues and are able to explain technical details simply, wed like to meet you.The role will have flexible working hours on a shift system and will possibly include occasional late-night shifts or out of hours working.Ultimately, you will be a person our customers trust. They will rely on you to provide timely and accurate solutions to their technical problems.Please note: any applicants must be able to gain valid SC clearance.