About

• Tasks
• DEVOPS LEAD
• Location: London
• 2months+ contract with possible extension
• We are seeking a highly experienced DevSecOps & IaC Lead to drive enterprise-wide DevSecOps transformation and Infrastructure‑as‑Code implementation during the migration of large-scale on‑prem systems to AWS cloud.
• This role requires deep expertise across CI/CD pipelines, security automation, cloud-native DevOps tooling, third-party DevSecOps platforms, and large-scale IaC governance.
• Key Responsibilities
• DevSecOps Strategy & Cloud Migration Leadership
• Lead the DevSecOps transformation for applications and platforms migrating from on‑prem to AWS.
• Build a roadmap for CI/CD modernization, security automation, and cloud-ready pipelines.
• Ensure DevSecOps practices support lift & shift, replatforming, containerization, and modernization migration patterns.
• Collaborate with cloud, application, SRE, and security teams to ensure DevSecOps maturity improves during and after migration.
• Infrastructure‑as‑Code (IaC) Architecture & Governance
• Define enterprise IaC standards using tools such as Terraform, CloudFormation, CDK, Ansible, and GitOps practices.
• Lead IaC implementation for AWS landing zones, networking, security, containers, and application infrastructure.
• Establish modular IaC patterns, reusable blueprints, guardrails, and governance frameworks.
• Drive full lifecycle IaC adoption: provisioning → configuration → drift control → compliance.
• Cloud‑Native & Third‑Party DevSecOps Tooling Integration

Architect and integrate DevSecOps toolchains across cloud and on‑prem ecosystems, including

• CI/CD: GitHub Actions, GitLab, Jenkins, Azure DevOps
• Security: Snyk, Checkmarx, SonarQube, Prisma Cloud, Aqua, Twistlock
• Containers: EKS, ECS, ECR, Helm, ArgoCD, Flux
• Secrets & identity: AWS Secrets Manager, HashiCorp Vault
• Compliance: AWS Security Hub, GuardDuty, OPA/Conftest, Checkov
• Ensure deep integration between security scanning, artifact repositories, code quality, and deployment automation.
• Security Automation & Shift‑Left Enablement
• Implement “security-by-default” and “shift-left” practices across the software lifecycle.

Automate

• SAST/DAST
• Dependency & container image scanning
• Policy-as-code (Rego/OPA)
• Secrets scanning
• Infrastructure compliance
• Establish secure CI/CD pipeline patterns covering application, container, and infrastructure layers.
• Observability, Reliability & DevOps Excellence
• Partner with SRE, platform, and cloud teams to embed monitoring, logging, tracing, and auditability into pipelines.
• Implement automated quality gates, blue‑green/canary deployments, and progressive delivery strategies.
• Standardize operational best practices through automation, runbooks, and deployment frameworks.
• Governance, Risk, Automation & Compliance
• Ensure all DevSecOps and IaC pipelines comply with enterprise security, audit, and regulatory requirements.
• Define DevSecOps maturity KPIs (deployment frequency, MTTR, security findings, drift metrics).
• Build automated governance controls for release management, security enforcement, and compliance checks.
• Drive adoption of secure cloud operating models across all stakeholders.
• Leadership & Stakeholder Management
• Lead cross-functional DevSecOps squads and mentor engineers on DevSecOps, IaC, and cloud automation practices.
• Work with program managers to ensure DevSecOps readiness across all migration waves.
• Communicate progress, risks, and technical decisions to senior leadership and architecture boards.
• Provide strategic input on enterprise cloud engineering standards and transformation roadmap.
• Security & Compliance Skills
• Strong understanding of cloud security principles: IAM, KMS, encryption, zero trust, least privilege.
• Experience implementing policy-as-code and pipeline security controls.
• Understanding of CIS benchmarks, NIST, ISO27001, compliance frameworks.
• Cloud Migration Skills
• Direct experience supporting large-scale on‑prem to AWS migrations.
• Strong understanding of migration waves, application onboarding, and pipeline modernization.
• Requirements
• Required Skills & Experience
• Technical Expertise
• 14+ years of experience in DevOps, platform engineering, cloud automation, or infrastructure engineering.
• Strong hands-on experience with AWS cloud services, CI/CD, IaC, and security automation.

Expertise in

• Terraform, CloudFormation, CDK, Ansible
• Docker, Kubernetes, EKS/ECS, Helm, GitOps
• GitHub/GitLab/Azure DevOps/Jenkins pipelines
• Security tools: Snyk, Checkmarx, SonarQube, Prisma Cloud, Vault
• Logging/observability platforms (CloudWatch, ELK, Datadog)
• Preferred Qualifications
• AWS DevOps Engineer – Professional
• AWS Solutions Architect – Associate/Professional
• HashiCorp Terraform Certification
• Kubernetes certifications (CKAD, CKA, CKS)
• DevSecOps or SRE certifications (nice-to-have)