Senior DevSecOps Engineer
About BigHand
BigHand offers technology solutions for busy legal professionals that provide data and insights to increase value and profits. Through technology, insight and experience, we deliver success for our clients' future. We enable our clients to give their customers a better experience while empowering their people to be their best.
We make big happen for our customers.
We are a business driven by our values and have these at the centre of everything we do. Our BigHanders are dedicated to building a culture where we win together, we learn, we give back, we believe in each other and we find the fun. We are proud to have ranked in Great Places to Work top 50 “UK’s Best Workplaces” list for 6 years.
About the role
BigHand is a leading software technology company with a big difference. It’s not just what we do, but how we do it. We specialise in speech, task delegation, document creation and process improvement solutions that help our customers achieve more in less time. Our vision is to be the industry’s preferred, most supportive, and helpful technology partner. We aim to achieve this by harnessing our genuine enthusiasm and skill for helping busy people be more effective. BigHand is on a journey of Cloud Native transition. This is a company level strategy to modernise the applications and infrastructure to better deliver secure BigHand SaaS products to be available where, when and on whatever device the customer desires. BigHand is a champion of Cloud Security and is now taking the next step to mature its DevSecOps practices. This strategy is driven by the need for fast delivery of new features and secure and cost-effective use of Azure services.
What you’ll do:
- As a DevSecOps Engineer, you will be working with a team of great engineers, delivery managers and architects on several topics, e.g., Security Testing, Security (Test) Automation, Risk Analysis, Threat Modelling, Security Research, and many others.
- You will help reduce the risk for the organisation by helping DevOps, Platform Engineering, Platform Operations, Architecture and Software Engineering teams to deliver secure products and cloud platforms and support companywide security initiatives including information security standards such as ISO27001 and SOC 2.
- You will help to create new strategic plans to be more efficient and work together with BigHand security and compliance departments.
- You will also coach your team members and improve their security knowledge.
- You will contribute to the security research and bring new knowledge inside the company. You will act as a bridge from Security to other functions.
- You also will assist with the continuous improvement of the processes critical to the success of the team.
- You will align with other stakeholders in other domains.
- Actively promoting DevSecOps ways of working and best practices within the teams and company at large.
- Support the delivery of the Platform Security roadmap.
- Demonstrate excellent judgement in prioritising security efforts to mitigate the appropriate risks.
- Be a strong communicator who can translate security objectives to tech teams.
- Managing several security related items: Security requirements, Threat Modelling, Design Reviews, Secure Code Review, Penetration Tests, Security Trainings, Automated Test Security, Security Monitoring, Kubernetes Security.
- Work with DevOps/Platform Engineers, Software Developers and Architecture to plan, design, implement and deploy secure products and platforms according to the needs of the business.
- Working with other DevOps/Platform Engineers in providing templates and knowledge that facilitate a smooth automation process throughout a project lifecycle with security embedded in all phases.
- Continuously drive improvements in processes, tooling, and security architecture of the underlying infrastructure and capabilities.
- Work on everything from transitioning on-prem services into Azure cloud (PaaS and IaaS services) to helping move to and maintain an orchestrated container-based service architecture (Azure Kubernetes and Docker).
- Improve and secure modules in our Terraform & PowerShell module library.
- Create and maintain enterprise-grade security monitoring and alerting solutions for applications, networks, data and infrastructure services. Assist in the creation of reports/dashboards for usage and up-time.
- Manage and monitor security health of platforms to ensure that issues and risks are quickly identified and resolved.
- Collaborate with the IT operations and development teams to plan and execute system changes e.g., security and audit controls as required by the business or compliance requirements.
- Automate build and release manual activities using DevSecOps best practices.
- Create security guides and documentation for the development team to securely operate and maintain products.
- Participate in incident management.
- Prioritise incidents to help deliver within SLAs. Carry out strong diagnosis to discover root cause and resolutions.
- Provide out of hours support on a rota basis throughout the year.
What we’re looking for:
- BSc. in Computer Science or Engineering or significant job experience with a minimum 2-year Security Engineering or DevOps experience, with experience on APIs.
- Experienced in working in complex environments including on-prem and cloud.
- Analytic skills and ability to solve highly complex problems.
- Experience with OWASP Testing Guide / Open-Source Security Testing Methodology.
- Experience implementing controls for ISO27001 and SOC 2.
- Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificates.
- Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration combined with good experience of cloud security, SAST, DAST, IAST or RASP.
- Excellent communication skills and organisational savvy, to steer peers toward solutions that carefully balance business, velocity, risk, compliance, and engineering concerns.
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change.
- A growth mindset, continuous learner with a fun and positive attitude.
- Excellent understanding of information security principles, cloud security and best practices.
- Hands-on working experience implementing SIEM & SOAR Tools.
- Hands-on experience implementing WAF solutions.
- Hands-on working experience in privileged access management, vulnerability management, secure remote access, secrets management and access control.
- Hands-on experience in designing, implementing, testing, and securing APIs.
- Hands-on experience implementing security controls across data, infrastructure, and applications primarily in Azure.
- Hands-on working experience with Microsoft Azure Cloud services (IaaS, PaaS and SaaS), Security, Networking and Azure DevOps Pipelines.
- Excellent working knowledge implementing security controls across all infrastructure, platforms, and applications.
- Excellent working knowledge of security scanning tools (Static Code Analysis, Dynamic Security Testing, open-source and container scanning tools).
- Excellent working knowledge with Secure Software Development Lifecycle (SSDLC) in an Azure world.
- Hands-on working knowledge of Infrastructure as Code using Terraform and of programming and/or scripting languages such as PowerShell, Bash, SQL, KQL.
- Hands-on knowledge of the usage of CI/CD processes including the integration of security & code quality tools.
- Hands-on knowledge in security logging, monitoring, and alerting tools.
- Hands-on knowledge in setting up, maintaining and supporting Kubernetes environments using cloud providers, specifically Azure.
- Hands-on experience of implementing BCP and Disaster Recovery solutions for services deployed on-prem or Azure Cloud.
- Excellent analytical and problem-solving skills, combined with the ability to provide quick resolution to problems.
- Excellent knowledge of relevant Operations services and Agile methodologies.
- Good working knowledge of Azure DevOps Boards.
- Good understanding of engineering and automation of container orchestration with Kubernetes and Docker.
- Good working knowledge in building solutions on and developing integrations using Azure services.
- Ability to lead and manage complex projects end-to-end, from requirements, design, implementation and testing to supporting the solution.
What we offer
- 25 days holiday (exc. bank holidays) + 3 BigHand days off between Christmas & New Year
- Various wellbeing benefits including private medical, vision, Employee Assistance Program (EAP) and Employee Resource Groups (ERG)
- Company-wide Wellness day, for our teams all across the globe to switch off and spend the day doing something to nourish their mental health
- Opportunities to give back with company volunteer events and individual volunteer days
- Career growth opportunities and study leave allowance
- Family benefits including enhanced parental leave, secondary caregiver leave and fertility support
- Financial benefits including pension scheme, life assurance, and salary sacrificing
- Cycle to Work Scheme and Tech Scheme
- Growing business with a global presence, flexible working, modern offices, and remote work options
Our DEI Commitment
We welcome the unique value and individuality that you can bring to BigHand. We are an equal opportunity employer and are dedicated to recruiting solely based on capability and potential regardless of race, gender, sexual orientation, gender identity or expression, age, educational background, national origin, religion, military status or physical ability. Our BigHanders are dedicated to advancing our culture of belonging by embracing differing viewpoints, opinions, thoughts, and ideas.
- Department: Technology
- Role: DevOps
- Locations: London
- Remote status: Hybrid Remote
About BigHand
BigHand offers technology solutions for busy legal professionals that provide data and insights to increase value and profits for their business, people and clients.
We build and invest in technologies that help legal professionals to identify improvements across lawyer & support staff resourcing, document production, financial performance and matter pricing. Our solutions can:
- Streamline manual processes that take time, money and delay decision making processes
- Access data that will identify improvement opportunities to drive growth and efficiencies
- Utilize and develop people's skills in the right way, at the right cost to the business
- Build strong customer relationships through enhanced transparency, value and expertise