DevOps & Cyber Security Engineer

Location: Remote (UK/EU preferred)
Type: Contract (Outside IR35)
Start Date: ASAP

We're looking for a DevOps & Cyber Security Engineer to design, build, and secure the infrastructure behind a multi-client SaaS platform with a Flutter Front End and Django Back End. This role is perfect for someone who thrives on automation, scale, and airtight security.

Key Responsibilities DevOps & Infrastructure (Critical)

• Build and maintain CI/CD pipelines for Flutter (Front End) and Django (Back End).
• Architect infrastructure to provision isolated environments per client.
• Automate deployment of client-specific sites, domains, and SSL certificates.
• Implement flexible authentication (Firebase Auth or alternative).
• Ensure secure, scalable data separation across clients.
• Manage DNS, environment variables, SSL, and versioning.
• Set up centralized logging and Real Time monitoring per environment.
• Define uptime checks, health checks, and auto-scaling.
• Automate end-to-end testing, builds, and deployments for staging/production.
• Integrate GitHub for seamless workflows and version control.

DevOps (Important)

• Prepare for future SSO/OAuth integrations.
• Automate deployment of Flutter web apps (Firebase Hosting or alternatives).
• Deploy Django Back End using GCP (App Engine, Cloud Run, or Kubernetes).
• Set up alerting for infrastructure and application failures.
• Maintain technical documentation for CI/CD and infrastructure.
• Continuously assess and improve security, performance, and cost-efficiency.

Cyber Security (Critical)

• Harden Docker images and Django production settings.
• Enforce secure headers, HTTPS-only traffic, and strict access controls.
• Apply rate limiting, input validation, and secure Firebase Auth roles.
• Sanitize uploads and block malicious files.
• Ensure secure token handling and restrict unauthenticated access.
• Configure Cloud Logging & Monitoring with alerting for suspicious activity.
• Prevent sensitive data leaks via logs or error messages.
• Secure domain registration and automate SSL/TLS provisioning.

Cyber Security (Important)

• Secure access to static/media files and set upload limits.
• Use Google IAM and Secret Manager for internal access control.
• Protect databases with encryption, SSL, and access Firewalls.
• Configure DNSSEC and domain lock to prevent hijacking.
• Conduct penetration testing, simulate attack scenarios, and provide a fix roadmap.
• Create an incident response plan and define escalation protocols.
• Establish internal security guidelines for the team.

Ideal Candidate

• Proven experience with GCP, Docker, Firebase, and CI/CD tools.
• Strong knowledge of cloud security best practices.
• Skilled in building scalable, multi-tenant systems.
• Passionate about automation, reliability, and bulletproof security.
• Excellent communicator who documents thoroughly and proactively mitigates risks.