Senior DevSecops Engineer - Outside IR35

London
3 days ago
Create job alert

We are seeking a Senior DevSecOps Engineer to support a greenfield mobile and web application build in a regulated environment. This role focuses on security governance, architecture guidance and assurance across Azure, AWS, Kubernetes and SaaS platforms.

You will define security standards, guide engineering teams on best practice, and ensure solutions meet Cyber Essentials Plus, ISO 27001 and Zero Trust requirements. This is not a BAU ops role-you'll act as the bridge between engineering and governance to ensure secure delivery from day one.

What You'll Be Doing

Define and maintain multi‑cloud security standards and reference blueprints
(Azure Policy/Initiatives, AWS Control Tower, SCPs)
Own security architecture patterns and contribute to HLDs, LLDs, threat models and risk assessments
Set assurance and evidence requirements for internal teams and third‑party suppliers
Establish policy‑as‑code standards, including exception handling and risk ownership
Define identity and access controls
(Entra ID Conditional Access, MFA, PIM, AWS IAM federation)
Govern SaaS security onboarding (SSO, OAuth, DLP, vendor assessments)
Ensure solutions align with regulatory and audit requirements
Educate and influence teams through clear guidance, reviews and security clinics

What We're Looking For

Essential

Strong DevSecOps / Cloud Security experience across Azure and AWS
Background in regulated environments (ISO 27001, similar frameworks)
Solid understanding of IaaS, PaaS and SaaS security risks
Experience working on greenfield web and mobile application builds
Excellent communication skills and ability to influence engineering teamsDesirable

Security or cloud certifications (AZ‑500, SC‑100, SC‑200, AZ‑700, AWS Security Specialty, CISSP)
Experience with architecture governance or blueprint catalogues
Working knowledge of Kubernetes / container security (AKS/EKS)

Technology Exposure

Hands‑on involvement may be required for validation and assurance:

Azure: Policy, Defender for Cloud, Entra ID, PIM
AWS: Control Tower, SCPs, Security Hub, GuardDuty, IAM
Security & Monitoring: Microsoft Sentinel (KQL), Defender XDR
Governance: Blueprint repositories, risk registers, ITSM / CAB

If this sounds of interest please send your cv for review

Related Jobs

View all jobs

Senior DevSecOps Engineer

Senior DevSecOps Engineer - Outside IR35

Senior Software Engineer

Senior Devops Engineer

Senior Security Engineer

Senior Network Engineer

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers Jobs

Cloud Computing Jobs for Career Switchers in Their 30s, 40s & 50s (UK Reality Check)

Thinking about switching into cloud computing in your 30s, 40s or 50s? You aren’t alone. Across the UK, employers are hiring professionals from diverse backgrounds to help organisations adopt, manage & optimise cloud technology. But let’s cut through the buzzwords. This guide gives you a practical, UK-focused reality check on cloud computing careers for career switchers — what roles exist, what you actually need to learn, how long it takes to retrain and, importantly, whether age matters. If you’re exploring a move into cloud computing, this article lays out what’s realistic and how to get there without falling for hype.

Jobs

How to Write a Cloud Computing Job Ad That Attracts the Right People

Cloud computing underpins much of the UK’s digital economy. From startups and scale-ups to enterprise organisations and the public sector, cloud platforms enable everything from data analytics and AI to cybersecurity, DevOps and digital services. Yet despite high demand for cloud skills, many employers struggle to attract the right candidates. Cloud job adverts are often flooded with unsuitable applications, while experienced cloud engineers, architects and platform specialists quietly pass them by. In most cases, the problem is not the shortage of cloud talent — it is the quality and clarity of the job advert. Cloud professionals are pragmatic, technically experienced and highly selective. A poorly written job ad signals confusion, unrealistic expectations or a lack of cloud maturity. A well-written one signals credibility, good engineering culture and long-term thinking. This guide explains how to write a cloud computing job ad that attracts the right people, improves applicant quality and strengthens your employer brand.

Education Jobs

Maths for Cloud Jobs: The Only Topics You Actually Need (& How to Learn Them)

If you are applying for cloud computing jobs in the UK you might have noticed something frustrating: job descriptions rarely ask for “maths” directly yet interviews often drift into capacity, performance, reliability, cost or security trade-offs that are maths in practice. The good news is you do not need degree-level theory to be job-ready. For most roles like Cloud Engineer, DevOps Engineer, Platform Engineer, SRE, Cloud Architect, FinOps Analyst or Cloud Security Engineer you keep coming back to a small set of practical skills: Units, rates & back-of-the-envelope estimation (requests per second, throughput, latency, storage growth) Statistics for reliability & observability (percentiles, error rates, SLOs, error budgets) Capacity planning & queueing intuition (utilisation, saturation, Little’s Law) Cost modelling & optimisation (right-sizing, break-even thinking, cost per transaction) Trade-off reasoning under constraints (performance vs cost vs reliability) This guide explains exactly what to learn plus a 6-week plan & portfolio projects you can publish to prove it.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.