DevSecOps Engineer - GCP Certified A DevSecOps Engineer plays a crucial role in maintaining the security and integrity of an organisations applications and infrastructure. They bridge the gap between development, operations, and security teams, promoting a culture of shared responsibility and collaboration to ensure that security is an integral part of the entire software development life cycle. Responsibilities: Collaborate with development, operations, and security teams to integrate security best practices and tools into the software development life cycle. Shift Left Approach to security within the pipelines, to scan and update IaC code for relevant Benchmark/frameworks and industry best Practices. Design, implement, and maintain security automation and monitoring tools to identify and remediate security vulnerabilities in applications and infrastructure. Perform regular security assessments, penetration testing, and vulnerability scanning to proactively identify and address potential security risks. Develop and maintain security policies, guidelines, and procedures to ensure consistent and secure development practices across the organisation. Monitor and analyse security incidents to improve security measures and prevent future incidents. Assist in incident response and remediation efforts, providing expertise in security incident management and root cause analysis. Ensure compliance with industry regulations and standards, such as GDPR, HIPAA, PCI DSS, or other relevant frameworks. Educate and train development and operations teams on secure coding practices, security tooling, and the latest security trends and threats. Continuously evaluate and recommend new security technologies and best practices to improve the organisations overall security posture. Requirements: Bachelor's degree in computer science, information security, or a related field, or equivalent experience. 5-10 years experience in a DeVSecOps role Strong understanding of secure software development practices, such as OWASP Top Ten, secure coding principles, and threat modeling. Familiarity with security technologies and tools, including vulnerability scanners, intrusion detection systems, firewalls, and encryption technologies. Terraform IaC Proficiency in one or more programming or scripting languages (e.g., Python, Ruby, JavaScript, Go). Experience with CI/CD pipelines, automation tools, and containerisation technologies (e.g., Jenkins, Github Actions, GitLab CI/CD, Docker, Kubernetes). Knowledge of cloud platforms (e.g., AWS, Azure, GCP) and their respective security services, best practices, and compliance requirements. Strong analytical, problem-solving, and communication skills. Relevant industry certifications, such as CISSP, CEH, or CompTIA Security+, are a plus.