DevSecOps Engineer

My client is a global IT consultancy who are currently recruiting for a DevSecOps Engineer

Rate - £550pd inside via umbrella

Start Date: ASAP
End Date: 31st Dec 2026
Travel Requirements: 1dpw to client site in Skipton, (likely increase to 2-3 days a week from September, aligned with client)
Working pattern: Full time

Key responsibilities

Development process
- Ship small, frequent changes by default: adopt trunk-based development, use feature flags, and enable automated approvals for low risk paths; visualise and act on DORA/flow constraints with the team.
- Treat the Golden Path as the default for new and refactored services; surface policy drift and contribute fixes/templates that improve speed and consistency.
- Lead squad adoption of Golden Path patterns; identify and fix policy drift in pipelines or IaC modules.
- Troubleshoot and remove flow bottlenecks caused by pipelines, environments, data provisioning, or test flakiness.
- Ensure services are instrumented with deployment annotations, golden signals, SLOs, and audit-ready evidence.
- Design for ephemeral/data-ready environments (idempotent data, test hooks, parity enforcement).
- Embed contract/performance/resilience/security tests in CI; elevate squad testability patterns.
- Partner with Release on SLO/error-budget readiness for go/no-go.

Secure by design & compliance as code
- Ensure every pipeline has push protection, SAST/SCA/DAST, IaC scanning, and secure defaults; implement WAF requirements for external endpoints; maintain SBOM/pipeline attestations where applicable.

Release linked observability
- Instrument services with deployment annotations, commit build deploy traceability, golden signals and SLO/error budget alerts; ensure audit ready outputs support go/no go and incident response.

On demand environments & data
- Build for ephemeral, production like environments; prevent parity/drift through configuration patterns; request data on demand (masked/synthetic/seeded) via pipeline to unblock testing and reduce rework.

Shift left quality
- Implement contract, performance, resilience, and security tests in CI; design for testability (deterministic hooks, idempotent data) to reduce defect escapes and shorten feedback cycles.

BCP/Operational Resilience
- Support recoverability through automated rollback/forward fix patterns, immutable artefact retention, and participation in rehearsals/game days; ensure releases generate exportable evidence for audit.

Collaboration, mentoring & advocacy
- Pair and mentor Engineers/Associates; share patterns in docs/brown bags; contribute to communities of practice; celebrate safe/fast releases and promote modern engineering practices.

Key skills

Skills (Technical & Delivery)
- Strong in at least one modern language/runtime and cloud native design; solid understanding of API, events, resilience, and observability patterns.
- Testability and shift left (contract/performance/resilience/security) in CI; performance profiling and failover/restore basics.
- Advanced knowledge of CI/CD automation, progressive delivery (feature flags, canary/blue green, rollback), and secure by design patterns.
- Strong understanding of environment architecture (ephemeral envs, drift detection, data on demand).
- Skilled in observability (tracing, metrics, logs) and how to diagnose issues from them.
- Able to assess squad level DORA/flow metrics and remove constraints.

Knowledge & Experience
- Delivered changes through the Golden Path with policy as code guardrails; contributed to release linked observability and improved lead time/CFR at squad level.
- Worked with Release/Environments/QE to run progressive delivery, rehearsals, and data ready testing.

Behaviours
- Outcome orientation with guardrails - uses scorecard metrics & SLO/error budgets to guide decisions.
- Collaborative & curious - seeks feedback, mentors others, documents patterns; celebrates safe/fast releases.
- Accountable & calm under pressure - supports incident response and continuous improvement.