Job Description

Job Advert Summary

To verify the security of code deployments, configuration management, and the implementation of industry-standard security practices across PPS. The role is responsible for integrating security measures throughout development and operations, leveraging automation within pipelines and cloud platforms to achieve rapid, reliable, and secure delivery. Serving as both a strategic partner and technical leader, the role fosters a culture of collective security ownership, provides mentorship to teams, and aligns DevSecOps initiatives with business objectives to strengthen organisational resilience and build stakeholder trust.

Minimum Requirements

Education:

Bachelor's degree in Information Technology (IT)/Systems or Computer Science, Engineering or Software Engineering Information Technology Infrastructure Library (ITIL) Foundation Certification Microsoft and Linux Certification

Experience:

7+ years of experience in software deployments, development and operations, or related IT, computer, or operations (essential) 5+ years of experience in IT Operations with strong understanding of deployment processes and standard best practices Experience with Microsoft and Linux infrastructure, database SQL (MS SQL), CI/CD tools, scripting such as JavaScript, XML, PHP, Python, Perl, Ruby, .NET, Scrum/Kanban Experience with software development, infrastructure development, or development and operations (essential) Cloud Platform experience (preferred) Deep experience with Terraform, Ansible, CloudFormation, or Pulumi. Familiarity with SAST, DAST, IAST, SCA tools (e.g., SonarQube, OWASP ZAP, Snyk, Checkmarx) Experience with AWS, Azure, or GCP security models (IAM, policies, key management, compliance tools) Familiarity with container/Kubernetes security benchmarks (e.g., CIS, NSA guidelines)

Knowledge and Skills:

Knowledge of SAFe, Agile workflow methodologies Advanced knowledge of Linux/Unix (primary), with working knowledge of Windows Server environments Knowledge of TCP/IP, DNS, routing, firewalls, VPNs, proxies, load balancers (preferred) Proficiency in Python, Bash, PowerShell; familiarity with languages like Go, Java, or JavaScript for security-related tooling Expertise in tools like Jenkins, GitLab CI, GitHub Actions, Azure DevOps, or CircleCI Advanced skills in Docker and Kubernetes (deployment, security, monitoring) Knowledge of SIEM/SOAR platforms, log analysis, forensics basics Proficiency in Nessus, Qualys, and OpenVAS tools Understanding of frameworks like ISO27001, SOC2, NIST CSF, CIS Benchmarks Proficiency in Jira/Confluence, MS Teams/Slack, and project tracking tools

Competencies:

Analysis Business Acumen Commercial Thinking Decisiveness Planning and Organising Quality Orientation Relationship Building Results Orientation Openness to Change Ethics and Integrity

Duties and Responsibilities

Manage CI and CD tools with the team and collaborate with other teams to plan and create workflow processes, develop automation procedures, deploy updates Take ownership, lead and coordinate operational tasks, customer escalations, and process improvements Perform scheduled maintenance and support release deployment activities after hours Position security as a catalyst for innovation, guaranteeing that development, operations, and security practices support faster, safer delivery of business value Align DevSecOps practices with the organisation's enterprise risk strategy by proactively identifying, mitigating, and managing security risks across the software development lifecycle Design frameworks and processes that can scale business growth, cloud adoption, and evolving regulatory requirements Champion a "security-first" mindset across development and operations teams, embedding secure practices into everyday workflows and fostering shared accountability for security Drive the adoption of automation, advanced monitoring, and modern security tools to continuously enhance resilience, reduce technical debt, and maintain competitive advantage Align DevSecOps initiatives with support business objectives such as faster time-to-market, improved customer trust, regulatory compliance, and operational resilience * Collaborate with product, engineering, compliance, and leadership teams to integrate security considerations into strategic planning and digital transformation initiatives