Overview
We are seeking an experienced, client-facing Lead DevSecOps Engineer to drive and coordinate DevSecOps practices across multiple digital products delivered as part of a wider MOD business and digital transformation programme. Products will be deployed across the MOD digital estate (MODCloud), including MOD’s instances of Microsoft Azure (MODCloud ACE/i-ACE), AWS (MODCloud ICE) and Oracle Cloud Infrastructure (OCI/MODCloud OCE).
Key Responsibilities
- Design, implement, document and continuously improve DevSecOps practices across the delivery teams, including secure, automated CI/CD pipelines.
- Integrate security scanning into build, test and deployment workflows.
- Manage the vulnerability life cycle, including allowlist processes and risk acceptance where required.
- Oversee secrets management and identity/access management.
- Enforce policy for workloads, container images and infrastructure.
- Build observability, monitoring, logging and audit controls.
- Partner with developers to embed secure-by-design engineering and ensure compliance with MOD security standards.
- Enable and govern Infrastructure as Code (IaC) practices across teams and environments.
- Contribute to incident response, patching cycles and compliance reporting, capturing lessons learned and tracking actions.
- Document security processes, controls and operational runbooks in Confluence.
Essential Qualifications
- Proven experience as a DevSecOps Lead, establishing and operating DevSecOps ways of working and associated tooling.
- Hands-on and leading experience with CI/CD and GitOps (e.g. GitHub Actions, Argo CD, Argo Rollouts).
- Experience with security and compliance tooling (e.g. Trivy scanning, HashiCorp Vault, cert-manager).
- Experience with containers and orchestration (e.g. Docker, AWS EKS).
- Experience with Infrastructure as Code (e.g. Terraform).
- Experience with observability (e.g. Grafana, Loki).
- Scripting and automation skills (e.g. Python, Bash).
- Knowledge of cloud and networking fundamentals (e.g. AWS IAM, S3, network policies).
- Experience delivering within the UK Government Digital Service (GDS) life cycle on a public sector engagement.
- Experience working with and leading distributed and hybrid teams.
- Strong facilitation, communication and stakeholder management skills with experience influencing at multiple levels.
Highly Desirable
- Experience leading DevSecOps engineering for products hosted on the MOD digital estate, spanning Microsoft Azure, AWS and Oracle Cloud Infrastructure.
Travel & Work Arrangement
Hybrid role, predominantly remote, with some travel to various sites (estimated average 1 day per week to London and/or Bristol/Bath; occasionally more during specific delivery phases).
