DevOps Engineer (Security Operations)
Skin AnalyticsUnited Kingdom21 hours ago
Full-timeEngineering
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
In this role you will lead the charge in securing and scaling our infrastructure and CI/CD pipelines for regulated clinical software. Working cross-functionally with engineering, QA, product, and regulatory teams, you'll design, implement, and monitor secure, traceable DevOps workflows. You enable rapid, compliant delivery of Software as a Medical Device (SaMD) products.
Please note: this role requires in office presence for 3 days a week. Our office is in Farringdon, London. If you can't commit to this, please don't apply.
Responsibilities
3 months
Have deep expertise in:
💰Competitive salary
Share options package - all our employees have ownership in the company
🏥Private healthcare
🌴25 days annual leave (5 day company shutdown in August + bank holidays)
👪Enhanced parental leave - includes adoption & foster
🚲Bike to work scheme
💻Training budget
Weekly catch-ups, monthly meetings to talk about you, your ambitions and make plans
🎊Lots of fun social activities including company offsite!
Our Values
🌱 Building a Strong Foundation
🎓 Always Learning
🏅 Lead from the Front
💪 Tough and Resilient
The Real Stuff
Skin Analytics embraces and is committed to diversity and equal opportunities. We are dedicated to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
Please note: this role requires in office presence for 3 days a week. Our office is in Farringdon, London. If you can't commit to this, please don't apply.
Responsibilities
- Own SecOps across our stack by managing secure AWS infrastructure, CI/CD pipelines, and developer environments using least-privilege and zero-trust principles.
- Integrate automated security scans (Snyk, Docker, IaC) into all stages of the SDLC.
- Design, implement, and maintain AWS infrastructure as code using Terraform and Ansible
- Deliver threat models and drive remediations across cloud services (EC2, S3, RDS, etc.).
- Build Docker-first workflows with image scanning, tagging, and artifact management.
- Write and own SOPs for secure deployment and incident response aligned to ISO 27001 and IEC 62304.
- Extend observability through CloudWatch/ELK stack dashboards, anomaly detection, and alerting for security and performance monitoring
- Support Transformation team by resolving any security queries that clients might have in their onboarding & deployment
3 months
- Complete access audits and enforce secure MFA + least-privilege access across AWS, Bitbucket, and key tools
- Identify and remediate top 5 security risks in CI/CD pipelines and cloud architecture
- Fully integrate Snyk into all pipelines with automated alerts and reporting
- Mature pipelines to support automated tests, security gates, and gated deploys across all services
- Implement full-stack observability with anomaly alerts and dashboards for security and reliability using the ELK stack
Have deep expertise in:
- Cloud Infrastructure (AWS): EC2, S3, RDS, IAM, VPC, CloudWatch, CloudTrail, Lambda, SQS/SNS
- CI/CD Pipelines: Bitbucket Pipelines (or similar), multi-stage pipeline management, gated deployments
- Security Operations: Snyk, IAM policies, threat modeling, zero-trust access, MFA, secrets management
- Implementing and automating compliance requirements (IEC 62304, ISO 27001, HIPAA, MDR)
- Delivering secure software pipelines for Node.js, React, and Docker-based services
- Writing secure deployment ansible playbooks and participating in internal audits or regulatory submissions
- Production workloads supported by Terraform and ansible, hosted on AWS
- Strong networking knowledge, including VPCs, subnets, routing tables, security groups, and NACLs, route53, load balancers
- Takes ownership: full accountability for infra, tooling, and controls; sees it through to completion.
- Bias for automation: believes manual work should be temporary, builds repeatable pipelines and workflows.
- Detail obsessed: doesn't miss the small stuff. Every commit, config, and policy matters in regulated software
- Clear communicator: explains risks, trade-offs, and technical plans to both engineers and non-tech stakeholders.
- Collaborative & pragmatic: works well across disciplines and adapts to real-world constraints
💰Competitive salary
Share options package - all our employees have ownership in the company
🏥Private healthcare
🌴25 days annual leave (5 day company shutdown in August + bank holidays)
👪Enhanced parental leave - includes adoption & foster
🚲Bike to work scheme
💻Training budget
Weekly catch-ups, monthly meetings to talk about you, your ambitions and make plans
🎊Lots of fun social activities including company offsite!
Our Values
🌱 Building a Strong Foundation
🎓 Always Learning
🏅 Lead from the Front
💪 Tough and Resilient
The Real Stuff
Skin Analytics embraces and is committed to diversity and equal opportunities. We are dedicated to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
Key Skills
Ranked by relevanceReady to apply?
Join Skin Analytics and take your career to the next level!
Application takes less than 5 minutes