Security DevSecOps Engineer - Contractor
Competitive £day rate
Malmesbury, United Kingdom
DescriptionWe are recruiting an experienced DevSecOps Engineer to complement our security function and enhance our security response capability. As a member of the security practice, you will have experience of delivering security as code and be familiar with secure coding practices using industry standard methodologies.
You will assist with the delivery of security components to AGILE workflows supporting pre-commit and post-commit security inputs and testing. You will assist in the delivery and on-going assurance of Dyson’s Connected Cloud / IoT consumer device platform at all stages; from setting security requirements through to deliver of security enhancements. You will have the opportunity to prototype and demonstrate security features in your chosen language and provide enhancements and input into the wider security roadmap to ensure that your ideas are realised.
Market OverviewTucked away in a quiet corner of Wiltshire, but only 15 minutes from the M4 and well connected by rail, our Malmesbury HQ is home to more than 4,000 people in a growing campus that houses our IT, Finance, Group Commercial, RDD and GB & Ireland Market teams. With 3 cafes, a gym and sports facility and a selection of iconic engineering legends including our Harrier and Lightning jets, it’s an inspirational place to work and the IT team is based in the most recently built, agile workspace.
Function OverviewIt’s no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson’s Cyber Security department works tirelessly to keep our secrets secret and our crown jewels locked up, using world class technologies to stay one step ahead of the game. We think like hackers and try and anticipate their every move, researching the latest threats and exploring every angle. The Security Architecture team design the technology solutions that keep us at the top of our game, refining our processes, stressing our systems, and making sure we’re well honed. It’s a tireless job, but the bad guys don’t rest.
Accountabilities• Work with security research, cloud and embedded engineers to understand and respond to threats facing the Dyson IOT cloud.
• Assist with building security tooling to support pre-commit, Continuous Integration, Continuous Deployment through to production.
• Support the development of security operations for monitoring, testing, audit and compliance of the Connected/IoT programme.
• Assist the Infrastructure team in improving platform availability using automated protection mechanisms.
• Work across a broad landscape of languages from a security perspective to support mobile, cloud and embedded teams.
• Act as the point of contact for all security queries within your designated scrum team/s.
• Carry out hands-on and time sensitive security delivery work within your designated scrum team/s.
• Design, coordinate and oversee security testing to verify the security of systems and cloud applications and drive the remediation of identified vulnerabilities.
Skills• Able to articulate threat and risk in the context of data privacy and brand reputation.
• Contributor to enhancing development processes and tooling that highlight security issues to analysts early on in the development lifecycle.
• Willing to prove out security methodologies through the production of prototype code in your chosen language.
• Able to apply security principles across a wide variety of development languages
• Act as an ambassador for all thing security and be proactive within security communities both academic and commercial.
•Keen to look at deployed features in the context of security incident response and analysis.
• Demonstrate how shifting security left supports the DevOps lifecycle rather than hinders it.
• Communicate with technical and non-technical audiences at various levels, including project managers, delivery teams, wider security teams, and risk owners.