SC Cleared Lead DevSecOps

Role: SC Cleared Lead DevSecOps

Duration: 6 Months

Location: London - hybrid

Rate: £650 per day.

The Lead DevSecOps role is pivotal in achieving the digital transformation objectives of our client. The successful candidate will be responsible for ensuring that security is built into every part of the development lifecycle, specifically ensuring that security tooling (native and non-native) is properly embedded into CI/CD CI/CD pipelines. Thus, ensuring the systems are security compliant, adhering to standards as Secure by Design and GovAssure. This is part of a complex legacy replacement involving a vast number of users.

The role holder will be part of the transformation programmes including tech replacement and migration, embedding security to ensure seamless integration of new systems/ features and workflows.

Skills Required:

• Strong hands-on expertise in DevSecOps practices, particularly security automation in CI/CD and infrastructure-as-code pipelines.

• Deep understanding of modern DevOps tooling (e.g., GitHub Actions/ CircleCI, Terraform, Kubernetes, Docker) with secure configurations.

• Experience implementing security controls in cloud-native environments (e.g., AWS or Azure) including IAM, network policies, and container security.

• Proven track record of using tools such as Snyk, Trivy, Checkov, OPA/Gatekeeper/ OWASP ZAP, or similar to enforce pipeline and platform security.

• Familiarity with compliance requirements (e.g., NIST, ISO 27001, CIS Benchmarks) and their implementation via code.

• Ability to lead and mentor teams on secure coding, threat modelling, and secure architecture patterns.

• Experience with monitoring, logging, and security telemetry platforms (e.g., Prometheus, Loki, ELK, XDR/SIEM integrations).

Please note candidates must hold or be willing to undergo SC clearance.