DevSecOps Engineer DistributedLocation Information: UK. DevSecOps. Engineer – Industrial AI Platform Role Summary . You'll own security implementation across our AI deployment pipelines - from AWS EC2 development environments to air-gapped industrial sites. This hands-on role combines security engineering, infrastructure automation, and operational reliability for a platform deploying mission-critical ML models at the edge. . Key Responsibilities. . Infrastructure Security Automation. . Develop and maintain OpenTofu modules for consistent VM provisioning across environments . Harden EC2 and on-prem VM templates with Ansible security playbooks . Implement least-privilege IAM policies and secure network configurations . Design secure bootstrapping processes for production environments . . Kubernetes Deployment Security. . Secure our K3s clusters with proper pod security policies and network isolation . Implement robust RBAC models with granular permissions . Design secure inter-service communication patterns . Build security monitoring for cluster components and workloads . . CI/CD Pipeline Hardening. . Integrate automated security scanning into build pipelines (container scanning, SCA, SAST) . Implement secure artifact management with signing and verification . Build proper secrets management for deployment pipelines . Establish secure container base images and build processes . . Operational Security & Reliability. . Design secure update mechanisms for air-gapped environments . Implement monitoring, alerting and incident response automation . Build comprehensive logging and audit trails across environments . Develop metrics for tracking security and reliability KPIs . . Security Reporting & Governance. . Create security dashboards for visibility into system security posture . Build automated compliance validation for industrial requirements . Develop practical security documentation and runbooks . Run internal security reviews and share findings with engineering teams . . Tech Stack. . Kubernetes (K3s for edge deployment, Kind for local dev, EKS for cloud) . OpenTofu (planned) and Ansible for infrastructure automation . AWS EC2 for development/test environments, on-prem for production . GitHub Actions for CI/CD pipelines . Docker for containerisation . Python and Bash for security tooling and automation . SvelteKit for frontend . Requirements. . Essential Skills & Experience:. . Strong experience with infrastructure-as-code security (Terraform/OpenTofu, Ansible) . Hands-on Kubernetes security implementation (networking, RBAC, policies) . Experience securing containerised workloads and build pipelines . Practical security monitoring and alerting implementation . Experience with Linux security controls including AppArmor profile development and enforcement . Comfort working with Python, shell scripts, and CLI tooling . Ability to balance security requirements with practical engineering trade-offs . Experience with log aggregation and operational monitoring . Desirable Skills:. . Experience with industrial or air-gapped deployments . Knowledge of ML/AI deployment security considerations . Familiarity with regulated environments (finance, healthcare, industrial) . Experience with zero-trust networking concepts . Experience with Linux hardening for edge deployments . About You. . You're hands-on - you code solutions rather than just pointing out problems . You find pragmatic security solutions that work in the real world . You can explain complex security concepts to people who don't live in that world . You balance "secure by default" with "needs to actually work" . You're comfortable diving into unfamiliar codebases to find and fix issues
Telegram
Linkedin
Twitter
Instagram
Facebook