GatherJob
Back to jobs
E
eFinancialCareers

DevSecOps Engineer AI

eFinancialCareers
London, UKOn-siteMid-leveldevops Today

Own the secure engineering and automation layer for the AI platform. This role makes releases controlled, repeatable and auditable through GitHub, CI/CD, Terraform, GitOps, OPA/Rego, code scanning, security gates and release/change evidence.

Core responsibilities
  1. Design, maintain and troubleshoot secure CI/CD pipelines and GitHub workflows.
  2. Maintain branch protection, pull request checks, required approvals and deployment controls.
  3. Build and maintain Terraform / Infrastructure-as-Code modules and GitOps deployment patterns.
  4. Integrate OPA/Rego policy-as-code into CI/CD for pre-deployment guardrails.
  5. Implement and operate code scanning: SAST, dependency, secret, IaC and container scanning where applicable.
  6. Ensure critical/high findings block merge or deployment unless formally excepted.
  7. Support release management: environment consistency, promotion, rollback planning and post-release validation.
  8. Track security findings, policy exceptions and remediation evidence with clear reporting.
  9. Support repository standardisation, pipeline templates, deployment automation and audit evidence.
  10. Work closely with Cloud Engineer on Azure platform patterns and operational handover.
Required skills
  1. Strong DevOps / DevSecOps engineering experience in cloud environments.
  2. Strong GitHub, CI/CD, branch protection, pull request governance and deployment automation skills.
  3. Strong Terraform, Infrastructure-as-Code and GitOps capability.
  4. Experience with OPA/Rego or comparable policy-as-code tooling.
  5. Good understanding of secure software delivery and cloud security controls.
  6. Working knowledge of SAST, dependency scanning, secret scanning, IaC scanning and container scanning.
  7. Ability to troubleshoot pipelines, deployments, infrastructure, security gates and access issues.
  8. Good documentation discipline and ability to turn controls into repeatable standards.
Useful evidence when hiring
  1. Has built or standardised CI/CD pipelines and deployment controls in a regulated enterprise.
  2. Can explain Terraform state, environments, approval gates, rollback and drift control.
  3. Can explain how code/security scanning should work in pull requests and release pipelines.
  4. Has implemented policy-as-code or equivalent automated governance, not just written manual standards.

Opens the company's application page

About the company

eFinancialCareers

eFinancialCareers

Listed via

R

Reed

reed.co.uk