undisclosed
DevSecOps Engineering Lead

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
DevSecOps Engineering Lead
DevSecOps Engineering Lead
Role Title: DevSecOps Engineering Lead Duration: Contract to run until 31/03/2027 Location: Hybrid role (predominantly remote with visits to Bristol and London for events or team meetings) Rate: Up to £690 p/d (Umbrella inside IR35) Clearance Required: SC clearance eligibility is essential
Role Purpose / Summary
We are seeking an experienced, client-facing Lead DevSecOps Engineer to drive and coordinate DevSecOps practices across multiple digital products delivered as part of a wider CLIENT business and digital transformation programme, where Capgemini is the client’s prime Digital Delivery Partner.
Products will be deployed across the CLIENT digital estate (CLIENTCloud), including CLIENT’s instances of:
- Microsoft Azure (CLIENTCloud ACE / i-ACE)
- Amazon AWS (CLIENTCloud ICE)
- Oracle Cloud Infrastructure (OCI / CLIENTCloud OCE)
You will:
- Embed security, compliance, and automation into the software delivery lifecycle.
- Ensure platforms and applications meet stringent security and operational standards.
- Establish consistent, documented processes for DevSecOps engineers across each environment.
- Provide a coordinated approach for releasing updates across the integrated set of products and platforms.
This role requires:
- Deep expertise in CI/CD pipelines, delivery workflows, and security tooling across cloud environments.
- Collaboration with developers, DevSecOps engineers, infrastructure engineers, and test teams.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Responsibilities
-
Design, implement, document, and continuously improve DevSecOps practices, including:
- Secure, automated CI/CD pipelines.
- Security scanning integrated into build, test, and deployment workflows.
- Vulnerability lifecycle management, including allowlisting, risk acceptance, and mitigation processes.
- Secrets management and identity/access management (IAM).
- Policy enforcement for workloads, container images, and infrastructure.
- Observability, monitoring, logging, and audit controls.
-
Partner with developers to promote secure-by-design engineering and ensure compliance with CLIENT security standards.
-
Enable and govern Infrastructure as Code (IaC) practices across teams and environments.
-
Contribute to:
- Incident response.
- Patching cycles.
- Compliance reporting.
-
Ensure lessons learned are captured and actions tracked.
-
Document security processes, controls, and operational runbooks in Confluence.
Key Skills and Experience
Essential
Proven experience as a DevSecOps Lead, establishing and operating DevSecOps ways of working and tooling across:
- CI/CD and GitOps (e.g., GitHub Actions, Argo CD, Argo Rollouts).
- Security and compliance tooling (e.g., Trivy vulnerability scanning, HashiCorp Vault, cert-manager).
- Containers and orchestration (e.g., Docker, AWS EKS).
- Infrastructure as Code (IaC) (e.g., Terraform).
- Observability (e.g., Grafana, Loki).
- Scripting and automation (e.g., Python, Bash).
- Cloud and networking fundamentals (e.g., AWS IAM, S3, network policies).


Get help with your application
Your very own career expert that helps elevate your application to the next level.
-
Experience delivering within the UK Government Digital Service (GDS) lifecycle on public sector engagements.
-
Experience working with and leading distributed and hybrid teams.
-
Demonstrated ability to collaborate across cross-functional teams, particularly with:
- Developers
- Testers
- DevSecOps engineers
-
Strong communication, facilitation, stakeholder management skills, with experience influencing at multiple levels.
Highly Desirable
Experience leading DevSecOps engineering for products hosted on the CLIENT digital estate, spanning:
- Microsoft Azure (CLIENTCloud ACE / i-ACE).
- Amazon AWS (CLIENTCloud ICE).
- Oracle Cloud Infrastructure (OCI / CLIENTCloud OCE).
Applicants will be reviewed against the required skills and experience. Due to high application volumes, only successful candidates will receive an initial acknowledgment. Thank you for your interest.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location