SC Cleared DevSecOps Engineering Lead
DevSecOps Engineering Lead
Clearance required: MOD SC
Location: Hybrid
Sector: Public
IR35 Status: PAYE via Umbrella company only
Job Description:
We are seeking an experienced, client-facing Lead DevSecOps Engineer to drive and coordinate DevSecOps practices across multiple digital products delivered as part of a wider MOD business and digital transformation programme, where Capgemini is the client's prime Digital Delivery Partner. Products will be deployed across the MOD digital estate (MODCloud), including MOD's instances of Microsoft Azure (MODCloud ACE/i-ACE), AWS (MODCloud ICE) and Oracle Cloud Infrastructure (OCI/MODCloud OCE).
You will embed security, compliance and automation into the software delivery life cycle, ensuring platforms and applications meet stringent security and operational standards. You will also establish consistent, documented processes used by DevSecOps engineers across each environment, including a coordinated approach for releasing updates across the integrated set of products and platforms in scope.
This role requires deep expertise in CI/CD pipelines, delivery workflows and security tooling across these cloud environments, alongside strong collaboration with developers, DevSecOps engineers, infrastructure engineers and test teams.
Key Responsibilities
Design, implement, document and continuously improve DevSecOps practices across the delivery teams, including:
o Secure, automated CI/CD pipelines
o Security scanning integrated into build, test and deployment workflows
o Vulnerability life cycle management, including allowlist processes and risk acceptance where required
o Secrets management and identity/access management
o Policy enforcement for workloads, container images and infrastructure
o Observability, monitoring, logging and audit controls
Partner with developers to embed secure-by-design engineering and ensure compliance with MOD security standards.
Enable and govern Infrastructure as Code (IaC) practices across teams and environments.
Contribute to incident response, patching cycles and compliance reporting, ensuring lessons learned are captured and actions tracked.
Document security processes, controls and operational runbooks in Confluence.
Key Skills and Experience
Essential
Proven experience as a DevSecOps Lead, establishing and operating DevSecOps ways of working and associated tooling across the following areas (hands-on and leading others):
o CI/CD and GitOps (eg GitHub Actions, Argo CD, Argo Rollouts)
o Security and compliance tooling (eg Trivy scanning and vulnerability management, HashiCorp Vault, cert-manager)
o Containers and orchestration (eg Docker, AWS EKS)
o Infrastructure as Code (eg Terraform)
o Observability (eg Grafana, Loki)
o Scripting and automation (eg Python, Bash)
o Cloud and networking fundamentals (eg AWS IAM, S3, network policies)
Experience delivering within the UK Government Digital Service (GDS) life cycle on a public sector engagement.
Experience working with and leading distributed and hybrid teams.
Demonstrated ability to work across cross-functional teams, particularly with developers, testers and DevSecOps engineers.
Strong facilitation, communication and stakeholder management skills, with experience influencing at multiple levels.
Highly Desirable
Experience leading DevSecOps engineering for products hosted on the MOD digital estate, spanning Microsoft Azure (MODCloud ACE/i-ACE), AWS (MODCloud ICE) and Oracle Cloud Infrastructure (OCI/MODCloud OCE).
Clearance:
MOD SC (minimum BPSS to start; must be eligible to apply for MOD SC).
Reference: 3128041579
Posted on Jun 24, 2026 by fortice