Key skills
PythonBashAWSAzureTerraformKubernetesDockerJenkinsGitHub ActionsGitLab CIVaultCloudFormationGitHubGitLabCI/CD
About this role
Serco is seeking a highly skilled and motivated Experienced DevSecOps Engineer to join their team. This role is critical in integrating security practices within the DevOps process, ensuring that security is embedded throughout the software development lifecycle.
Responsibilities:
- Design, implement, and maintain secure CI/CD pipelines
- Integrate security tools and practices into development and deployment workflows (e.g., SAST, DAST, container scanning)
- Collaborate with development, operations, and security teams to ensure secure software delivery
- Automate infrastructure provisioning and configuration using Infrastructure as Code (IaC) tools such as Terraform or CloudFormation
- Monitor systems for security vulnerabilities and respond to incidents
- Conduct threat modeling and risk assessments for new and existing systems
- Stay current with emerging security threats, technologies, and best practices
Requirements:
- U.S. Citizenship required
- Ability to obtain DoW Secret security clearance
- Bachelor's degree
- Minimum 5 years of experience in DevOps, Security Engineering, Software Engineering, or Cloud Engineering
- Proficiency with Azure
- Experience with any of the following CI/CD tools: Jenkins, GitLab CI, GitHub Actions, Cloud-Native
- Familiarity with containerization/orchestration with Docker and Kubernetes
- Strong scripting skills
- The ability to travel up to 10%. (CONUS)
- Certifications such as AWS Certified DevOps Engineer, Microsoft DevOps Engineer Expert, Certified Cloud Native Security Expert (CCNSE), or equivalent experience
- Experience with secrets management tools (e.g., Azure Key vault, AWS Secrets Manager)
- Familiarity with zero-trust architecture and secure software supply chain practices
- Knowledge of security frameworks and compliance standards (e.g., NIST, ISO 27001, SOC 2)
- Strong scripting skills (e.g., Python, Bash)