Apply now »
Country/Region:  GB
Requisition ID:  32943
Work Model:  Hybrid
Position Type:  Contract
Salary Range: 
Location:  UK - CUST SITES

Title:  Subcontractor

Description: 

Area(s) of responsibility

Job Description: DevSecOps & Infrastructure‑as‑Code (IaC) Lead (14+ Years Experience)

Role Overview

We are seeking a highly experienced DevSecOps & IaC Lead to drive enterprise-wide DevSecOps transformation and Infrastructure‑as‑Code implementation during the migration of large-scale on‑prem systems to AWS cloud. This role requires deep expertise across CI/CD pipelines, security automation, cloud-native DevOps tooling, third-party DevSecOps platforms, and large-scale IaC governance.

 

Key Responsibilities

1. DevSecOps Strategy & Cloud Migration Leadership

Lead the DevSecOps transformation for applications and platforms migrating from on‑prem to AWS.
Build a roadmap for CI/CD modernization, security automation, and cloud-ready pipelines.
Ensure DevSecOps practices support lift & shift, replatforming, containerization, and modernization migration patterns.
Collaborate with cloud, application, SRE, and security teams to ensure DevSecOps maturity improves during and after migration.

2. Infrastructure‑as‑Code (IaC) Architecture & Governance

Define enterprise IaC standards using tools such as Terraform, CloudFormation, CDK, Ansible, and GitOps practices.
Lead IaC implementation for AWS landing zones, networking, security, containers, and application infrastructure.
Establish modular IaC patterns, reusable blueprints, guardrails, and governance frameworks.
Drive full lifecycle IaC adoption: provisioning → configuration → drift control → compliance.

3. Cloud‑Native & Third‑Party DevSecOps Tooling Integration

Architect and integrate DevSecOps toolchains across cloud and on‑prem ecosystems, including:
CI/CD: GitHub Actions, GitLab, Jenkins, Azure DevOps
Security: Snyk, Checkmarx, SonarQube, Prisma Cloud, Aqua, Twistlock
Containers: EKS, ECS, ECR, Helm, ArgoCD, Flux
Secrets & identity: AWS Secrets Manager, HashiCorp Vault
Compliance: AWS Security Hub, GuardDuty, OPA/Conftest, Checkov
Ensure deep integration between security scanning, artifact repositories, code quality, and deployment automation.

4. Security Automation & Shift‑Left Enablement

Implement “security-by-default” and “shift-left” practices across the software lifecycle.
Automate:
SAST/DAST
Dependency & container image scanning
Policy-as-code (Rego/OPA)
Secrets scanning
Infrastructure compliance
Establish secure CI/CD pipeline patterns covering application, container, and infrastructure layers.

5. Observability, Reliability & DevOps Excellence

Partner with SRE, platform, and cloud teams to embed monitoring, logging, tracing, and auditability into pipelines.
Implement automated quality gates, blue‑green/canary deployments, and progressive delivery strategies.
Standardize operational best practices through automation, runbooks, and deployment frameworks.

6. Governance, Risk, Automation & Compliance

Ensure all DevSecOps and IaC pipelines comply with enterprise security, audit, and regulatory requirements.
Define DevSecOps maturity KPIs (deployment frequency, MTTR, security findings, drift metrics).
Build automated governance controls for release management, security enforcement, and compliance checks.
Drive adoption of secure cloud operating models across all stakeholders.

7. Leadership & Stakeholder Management

Lead cross-functional DevSecOps squads and mentor engineers on DevSecOps, IaC, and cloud automation practices.
Work with program managers to ensure DevSecOps readiness across all migration waves.
Communicate progress, risks, and technical decisions to senior leadership and architecture boards.
Provide strategic input on enterprise cloud engineering standards and transformation roadmap.

Apply now »