G18 - DevOps Engineer

Key Responsibilities

Embed Security into CI/CD Pipelines

• Implement automated security scanning, vulnerability assessments, and compliance monitoring within the GCC 2.0 framework.
• Ensure adherence to government security standards throughout the release lifecycle.

Cloud Infrastructure Management

• Design, deploy, and manage infrastructure using Infrastructure as Code (IaC).
• Ensure secure configuration, scalability, cost efficiency, and performance within GCC 2.0.

CI/CD Pipeline Development

• Build, maintain, and optimise continuous integration and deployment pipelines.
• Integrate security gates, automated testing, and deployment strategies for development, staging, and production.

Monitoring & Incident Response

• Establish and maintain security monitoring systems, log analysis, and alerting mechanisms.
• Detect, respond to, and remediate security incidents; conduct regular security assessments.

Requirements

• 3 - 7 years of experience in DevSecOps, Site Reliability Engineering, or Cloud Security Engineering.
• Hands-on expertise with CI/CD tools (e.g., Jenkins, GitLab CI/CD, GitHub Actions, ArgoCD).
• Strong knowledge of AWS or government cloud environments (GCC 2.0 preferred).
• Experience with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation).
• Proficiency in containerisation and orchestration (Docker, Kubernetes, EKS).
• Familiarity with security testing tools (Snyk, SonarQube, OWASP ZAP, Trivy, etc.).
• Knowledge of compliance frameworks (IM8, CIS Benchmarks, ISO27001, NIST) and secure coding practices.
• Strong scripting skills (Python, Bash, PowerShell, or equivalent) for automation and monitoring.
• Ability to work effectively in Agile environments, collaborating with cross-functional teams.