The DevSecOps Engineer will live and breath continuous security innovation on our digital platform
They will be part the Digital Engineering team and responsible for embedding security minded culture, practices and tools across the cloud platform, whilst developing innovative cloud security solutions.
What you’ll do in more detail
Work with the core engineering team for the design and development of security solutions using the approved automation and CI / CD tooling
Recognise areas for security improvements within the cloud platform around automation and CI / CD, access controls, network, automated compliance, alerting and forensics etc.
Develop a strong culture of security focused development and practices within the DevOps team by enabling Security Champions within the Digital tribes
Promote personal growth including experimentation with new bleeding-edge technologies
Run, facilitate and support game days to test and validate security related alerting, incident responses, counter measures, SOC, operational processes, forensics, etc
Hold OWASP Security Shepperd challenges
Collaborate across the Dunelm’s Architecture community to establish and implement consistent architecture across all Digital platforms which delivers Dunelm’s future technology
Define and support secure continuous delivery approaches including tooling and automated testing and deployments
Establish, help implement and manage access controls for our environments to keep the business safe
Research, plan and help implement relevant solutions in collaboration with operations, architecture and development teams
Actively communicate with your Engineering Head to ensure that you are and your team always delivering to the product owners requirements and any issues are raised
Join sprint planning and retrospectives, and prioritise and manage your work using planning tools e.g. Jira
Create custom monitoring components to provide deep monitoring of application estate, and integrate ideally to monitoring platforms.
Warrant core DevOps and DevSecOps methodologies are implemented to highest standard across environments.
Ensuring you are actively upskilling and sharing knowledge with other team members.