As our DevSecOps Engineer, you’ll work across a range of open- and closed-source security tools, collaborating with a highly experienced engineering team to design, build, maintain, and enhance our tooling.
You’ll be hands-on with modern DevSecOps technologies, working alongside senior engineers on diverse client engagements that span both development and operations, with security at the core of everything you do.
As you progress, the role expands into web application penetration testing, with every test including source code review. Your development will be supported through structured peer mentoring, opportunities to assist on live penetration tests, and clear progression pathways—including support toward certifications such as OSWE.
This is a security-first position, ideal for developers looking to transition into a cybersecurity career. It offers a varied, practical, and engaging environment within a company that prides itself on delivering services with exceptional quality, value, and integrity.
Key Responsibilities:
- Develop, maintain, and enhance security-focused applications and tooling
- Collaborate closely with engineers to troubleshoot issues, debug systems, and write clean, scalable, secure code
- Implement and maintain development, testing, automation, and infrastructure tooling
- Continuously improve CI/CD pipelines and DevSecOps practices
- Contribute across multiple projects, including client-facing engagements
- Produce and review high-quality client reports that clearly communicate complex technical findings to varied audiences
- Design innovative and robust solutions to complex, cutting-edge security challenges
- Support web application penetration testing alongside senior engineers
Required Skills & Experience:
- Strong development experience in at least one programming language (e.g. Python, JavaScript, Java, C#, Go)
- Solid understanding of cloud security principles and architectures (e.g. AWS Well-Architected Framework)
- Experience with modern frameworks (e.g. React, Node.js, .NET, Django)
- Hands-on experience with containerisation technologies (Docker, Kubernetes, etc.)
- Close attention to detail with strong standards for code quality and security
- Excellent written and verbal communication skills, particularly when working with clients
- Demonstrated passion for both software development and security
- Ability to self-manage and stay motivated in a remote working environment
- Must have resided in the UK for at least the past 5 years and be willing to undergo security clearance
- Authorised to work in the UK (visa sponsorship is not available for this role)
- Desirable (Not Essential)
- Relevant industry certifications (e.g. OffSec OSWE)
- Experience embedding security into CI/CD pipelines
Existing security clearance
- Commercial penetration testing experience, ideally with a focus on web and API testing
What We Offer:
- A passionate, supportive, and security-driven team
- Flexible working (remote-first with occasional team meetups)
- Optional office-based working for those within commuting distance of Northallerton
- Challenging and varied projects across multiple industries and technologies
- Clear opportunities for role growth alongside the company’s rapid expansion
- Support for industry certifications
- Opportunities for travel (previous events include GISEC Dubai, UK conferences, and Black Hat USA)
Performance-related bonus opportunities:
- Regular pay reviews
- Private health cover following successful completion of probation (including dependents up to age 18)
Inclusion & Values:
We are an equal opportunity employer. We are committed to fostering an inclusive, diverse, and respectful workplace where everyone can thrive. We believe that diverse perspectives enable better outcomes for our clients, our team, and the wider industry.
We also proudly hold the Armed Forces Covenant Silver Award and actively encourage applications from veterans, reservists, and service leavers, recognising the valuable skills they bring to cyber security.
Benefits include:
- Casual dress
- Company events
- Remote working
Experience Required:
- Back-end development: 2+ years
Certifications:
Position: Mid or Junior DevSecOps Engineer - Job Type: Full-time, Permanent - Salary: £30,000 to £40,000 per year
Location: United Kingdom (required) - Remote working
Email a friend
Report this Job