DevSecOps Consultant

Description

DevSecOps Consultant

* Sheffield (3 days per week onsite)

* Inside IR35

We're partnering with a leading financial services client to appoint a DevSecOps Consultant to drive secure engineering practices across large-scale, cloud-based platforms.

This role is ideal for someone who has come from a hands-on DevSecOps Engineering background and has since transitioned into architecture/design and advisory, while still retaining strong technical depth.

Key Responsibilities:

* Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments)

* Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines

* Develop and embed DevSecOps best practices, including secure pipeline design and automated controls

* Establish and enforce security baselines using policy-as-code

* Build and deliver security roadmaps, prioritising risk and regulatory requirements

* Partner with engineering and platform teams to remediate vulnerabilities and improve security posture

* Act as a trusted advisor to senior stakeholders, translating technical risks into business impact

Key Requirements:

* Proven background in hands-on DevSecOps Engineering, now operating in a design/architecture-focused role

* Strong experience across both AWS and GCP (essential)

* Deep understanding of CI/CD pipelines, build tools, artifact repositories, and developer platforms

* Expertise in secure software delivery, vulnerability management, and platform security

* Experience with threat modelling, security frameworks, and maturity assessments

* Strong knowledge of application security, network security, and cloud security principles

xjnqpsq * Excellent stakeholder management and communication skills

Desirable:

* Experience in financial services or regulated environments

* Knowledge of Kubernetes and container security

* Familiarity with supply chain security, SBOM, and secure development practices

* Relevant certifications (eg CISSP, CISM, CCSP)

This is a key role focused on shaping and embedding secure-by-design engineering practices across a complex, enterprise environment, with strong influence across both technology and security functions.

More details available on successful application

Ad ID: 5418073948