Senior DevSecOps Engineer (Aerospace and defence)

• Integrate security practices into CI/CD pipelines and infrastructure-as-code (IaC) 
• Define and implement security controls in cloud environments (AWS, Azure, GCP) 
• Automate security scans (SAST, DAST, SCA, and container scanning) and enforce policy compliance 
• Conduct threat modeling, vulnerability management, and risk assessments 
• Collaborate with DevOps and development teams to remediate security issues 
• Establish and promote DevSecOps best practices, training, and documentation 
• Ensure compliance with security standards and regulations (e.g., ISO 27001, SOC 2, and GDPR) 
• Lead incident response and forensics processes when needed 

• 5+ years of experience in DevSecOps, cloud security, or related roles 
• Strong knowledge of CI/CD tools (e.g., GitLab CI, Jenkins, GitHub, and Actions) 
• Proficiency in cloud-native security (AWS/GCP/Azure) and Kubernetes 
• Experience with infrastructure-as-code tools (Terraform, CloudFormation, Ansible) 
• Deep understanding of application security principles and secure coding practices 
• Hands-on experience with automated security tools such as Snyk, Checkmarx, Aqua, etc. 
• Scripting skills in Bash, Python, or similar languages 

WILL BE A PLUS

• Relevant certifications (e.g., AWS Security Specialty, CISSP, CKS) 
• Knowledge of zero-trust architectures, API security, and secrets management 
• Familiarity with regulatory frameworks (HIPAA, PCI DSS, etc.)