Nine Twenty Technology are looking for an experienced DevSecOps Engineer to join a market leading organisation whose software delivers a hospitality management system utilised by the world’s top restaurants, alongside thousands of bars, clubs, and hotels. Headquartered in the UK, this organisation have teams in the UK, Singapore, Ireland, Canada, Australia, and New Zealand.
Location: This role can be carried out remotely OR from the Glasgow office, where a hybrid/remote option is available. Please note, you will need a UK address to be considered for this role.
About the role:
You will be an experienced DevSecOps Engineer who will work within the SRE team alongside counterparts in the CyberSecurity team. You will be hands-on and able to identify areas of risk and opportunity for further security hardening. You will be working very closely with our platform and development teams specifically to advise on security matters, introduce security monitoring across platforms and products and introduce early indicators into our build and deployment pipelines. You will be strong in communicating security concepts across the department to others who have little to no security experience.
Experience required:
- 5 years practical experience in a security engineering position
- Experience implementing security frameworks in an agile delivery environment
- A willingness to learn about new security tools and how to get the most out of them. Training will be provided for all tools and services. E.g. (IAST, DAST, SAST, SCA, EDR, AV, WAF, FW, SDP, VPN, VM, IGA, PAM, SSO, AD, MFA, DLP
- Identifying opportunities and acting upon them to improve security posture
- Experience in scripting (e.g. Powershell, Python, Bash, etc.)
- Experience in the automation of detection, prevention and remediation of security issues within our production SaaS Cloud solutions.
- Experience with implementing and maintaining security Gates within CI/CD Pipelines
- Supporting the teams in identifying and implementing additional security apparatus into their products
- Liaising closely with product, development and infrastructure teams
- Awareness of and interest in, the latest security technologies and new innovative techniques
Nice to haves:
- Experience of Infrastructure as Code
- Ability to consult on potential vulnerabilities within our software architecture
- DevSecOps Experience, focussed on cloud infrastructure
- Experience with high availability, high usage, globally distributed, production systems
- Relevant industry standard certifications preferred (i.e., CISA, CISM, CISSP, CompTIA, ISACA, ISC2,SANS Institute/GIAC, PCIP)
- Cloud Security controls and tooling experience (i.e. Azure Security Benchmark v2, CIS
- Foundations Benchmark, Prowler, CloudSploit, Zeus, Lynis, etc.)
Benefits on offer:
Salary: £55,000-£75,000 (DOE)
- Clear and defined career pathway
- A paid personal development day once a month
- Flexible working hours and Remote working
- Cycle to Work scheme
- 50% off gym membership at PureGym
- Discounts on retail, nutrition, beauty & spa, experiences, sport & fitness
- Private Healthcare cover
- 5% employer pension
- Life Insurance cover equal to 3 times salary
- Travel to work finance assistance
- Discount on hundreds of hotels and dining experiences around the world
To be considered for this opportunity, please apply today or call Sophie for a confidential chat on 07775 380 860