- Company Name
- CLOUDMIGRATE
- Job Title
- DevSecOps Engineer (Outside IR35)
- Job Description
-
Job title: DevSecOps Engineer (Outside IR35)
Role Summary:
Lead the design, deployment, and secure operation of Azure cloud environments. Integrate security controls and automated compliance within IaC and CI/CD pipelines, ensuring robust identity management, networking, and monitoring across Azure services.
Expectations:
- Deliver secure, scalable Azure solutions that align with architecture and security guidelines.
- Automate threat detection, incident response, and governance workflows.
- Collaborate across teams to embed DevSecOps best practices and continuous improvement.
Key Responsibilities:
- Design and implement Azure services (PaaS, VMs, AKS, storage) following architectural and security best‑practice frameworks.
- Strengthen cloud security with Azure Sentinel, RBAC, PIM, Azure Policy, and custom playbooks for SIEM/SOAR.
- Develop, maintain, and version Terraform modules for infrastructure automation, including state management and compliance checks.
- Build and maintain Azure DevOps pipelines; integrate vulnerability scanning, code analysis, and automated deployment.
- Configure Azure Entra ID (AD), enforce least‑privilege access via RBAC and PIM automation.
- Design secure Azure network topologies (VNets, NSGs, firewalls, private endpoints) and automate monitoring.
- Optimize Azure Monitor, Log Analytics, and Sentinel dashboards; automate alerting workflows and performance reporting.
- Apply container security practices to AKS clusters and related workloads.
- Ensure alignment with security frameworks (CIS, NIST, ISO 27001) and regulatory compliance.
Required Skills:
- Expert knowledge of Azure services, including Azure Entra ID, RBAC, PIM, Azure Policy, and PaaS offerings.
- Hands‑on experience with Azure Sentinel (SIEM/SOAR) and automation of playbooks.
- Advanced proficiency in Terraform (module development, state handling, IaC governance).
- Deep understanding of Azure DevOps (pipelines, repositories, artifacts, release management).
- Strong background in cloud networking (VNets, NSGs, load balancers, firewalls, application gateways).
- Familiarity with security frameworks and compliance standards (CIS, NIST, ISO 27001).
- Scripting skills in PowerShell, Python, or Bash for cloud orchestration.
- Knowledge of container security and AKS best‑practices.
- Excellent analytical, communication, and collaboration abilities; proactive risk mitigation mindset.
Required Education & Certifications:
- Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent professional experience).
- Microsoft Azure certifications such as AZ‑500 (Security Engineer), AZ‑303/AZ‑304 (Solutions Architect), or AZ‑400 (DevOps Engineer).
- Terraform Associate certification (optional but preferred).
Legal Requirement: Must have the legal right to work in the UK.