DevSecOps Engineer

Senior DevSecOps Engineer:

We are seeking an experienced Senior DevSecOps Engineer to play a critical role in embedding security into cloud-native platforms and delivery pipelines. This position sits at the heart of large-scale digital and cloud transformation initiatives, where you will work closely with engineering, platform, and security teams to design, automate, and enforce secure-by-design practices. Operating within a highly regulated financial environment, you will help strengthen platform resilience, protect sensitive data, and ensure security controls are seamlessly integrated across the software delivery lifecycle—without compromising speed or innovation.

Key Responsibilities

• Integrate automated security controls (SAST, DAST, dependency scanning) into CI/CD pipelines.
• Design and enforce secure infrastructure-as-code (IaC) using tools like Terraform or ARM templates.
• Implement runtime security and monitoring across Kubernetes, APIs, and cloud-native workloads.
• Manage cloud security tools and policies across AWS/Azure environments.
• Support audits, compliance, and regulatory frameworks such as APRA CPS 234.
• Partner with engineering teams to promote secure-by-design practices and remediate vulnerabilities.

Skills & Experience

• 4+ years in DevSecOps, Cloud Security, or Security Engineering roles.
• Expertise in CI/CD tools (Azure DevOps, GitHub Actions, Jenkins).
• Strong scripting skills (Python, Bash, PowerShell).
• Hands-on with Kubernetes, Docker, and container security tools.
• Familiarity with OWASP, NIST, and CIS benchmarks.
• Experience with cloud-native security platforms (e.g., Aqua, Snyk, HashiCorp Vault).
• Preferred certifications: AWS/Azure Security, CKAD/CKS, CISSP.

What You’ll Bring

• Experience securing cloud-native environments at scale.
• Strong communication and ability to work cross-functionally.
• Innovative mindset with a passion for automation and security best practice.