Senior Security Engineer / DevSecOps Engineer
Location: Multiple locations across the UK (hybrid & flexible)
Salary: Up to £85,000 + comprehensive benefits package
The Opportunity
A large-scale digital organisation is undertaking a significant technology transformation, building modern cloud platforms that support millions of users across consumer and enterprise services. Security is a core design principle-not an afterthought-and this role sits directly within engineering teams to ensure that security is embedded from the very first line of code.
This position is ideal for an experienced Security Engineer or DevSecOps Engineer who enjoys working hands-on with cloud-native platforms, collaborating with developers, and influencing secure design at scale. You'll play a key role in shaping how secure software is built, deployed, and operated across a complex Azure-based environment.
What You'll Be Doing
- Partnering directly with software engineers to identify and reduce security risks early in the development lifecycle
- Reviewing application code and cloud configurations, providing pragmatic guidance rather than blockers
- Designing and implementing security controls across CI/CD pipelines and cloud infrastructure
- Driving improvements in secure development maturity, tooling, and automation
- Supporting teams with threat modelling, secure architecture patterns, and cloud security best practices
- Working closely with central security, platform, and engineering teams to balance risk, delivery, and usability
- Helping define and continuously improve secure engineering standards and ways of working
- Monitoring and improving platform security through logging, alerting, and posture management
What You'll Bring
Technical Experience
- Strong hands-on experience with Microsoft Azure in production environments
- Familiarity with .NET-based applications and modern API-driven architectures
- Experience embedding security into CI/CD pipelines and cloud-native workflows
- Knowledge of secure development frameworks and practices (e.g. OWASP-based approaches)
- Experience with application security tooling such as SAST, SCA, DAST, or container security
- Understanding of cloud networking, identity, access management, and secure integrations
Ways of Working
- Comfortable working as part of a cross-functional engineering team
- Able to communicate security risks clearly to both technical and non-technical stakeholders
- Pragmatic mindset: focused on enabling delivery securely rather than enforcing rigid controls
- Confident collaborating across teams and influencing without authority
- Curious, adaptable, and motivated to learn as platforms and technologies evolve
Why Join
- Performance-related bonus
- Generous pension and life assurance
- Private medical cover
- 28 days annual leave plus bank holidays, with flexibility to buy or sell days
- Strong wellbeing support and employee benefits
- Hybrid working model with flexibility across UK locations
