DevSecOps Engineer (Outside IR35 Contract)

Vollzeit
London, UK
vor 9 Monate

We are:

We are Adaptive, where you’ll use the latest technology to design, build and operate bespoke, real-time, front-to-back solutions for tier-one investment banks and commodity trading firms financial clients using the latest technology, in flat teams where innovation and collaboration are the backbones of our success.

Adaptive has a growing number of projects using the Hydra trading platform in multiple locations (London, Barcelona, Montreal, Manila and New York). Hydra is a framework built on top of Aeron messaging for building low-latency systems such as exchanges or workflow engines.

We are looking for a DevSecOps Engineer to be the first in our security-focused team and participate in the implementation and continuous improvement of security best practices across the entire organization’s back-office and front-office divisions (Consulting, Operate and Product). You will advocate good security practices and implement innovative security solutions that embrace our company culture and core values.

It will be crucial in your role to stay ahead of the curve and leverage emerging technologies and techniques to drive innovation. Innovation is not just about technology, it's also about finding new ways to solve problems, improve processes, and deliver value to the Adaptive organization and to our customers.

You are:

  • Passionate about security
  • A team player and good coordinator
  • An excellent communicator, able to communicate in the technical domain to colleagues at all levels
  • An excellent troubleshooter

You have:

  • Significant professional and practical experience implementing secure software development processes and systems for products and infrastructure
  • Experience with vulnerability scanning tools (DAST, SAST, SCA)
  • Hands-on experience with CI/CD tools (Jenkins, CircleCI, GH Actions or Gitlab CICD).
  • Hands-on experience with public cloud platforms (AWS, GCP).
  • Familiarity with secure Software Development Lifecycle (SDLC) practices and tools.
  • Familiarity with orchestration systems (Kubernetes).
  • Proficiency in scripting languages (Python, Shell or other).
  • Experience with security frameworks (ISO 27001, NIST).
  • Networking & Firewall device skills
  • Zero Trust implementation
  • Knowledge of Intrusion Detection or Prevention Systems (IDS/IPS) and Security Information and Event Management (SIEM) tools.

Ideally, you might have experience in:

  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is a plus but not a hard requirement
  • Physical infrastructure

 

You will:

Use your skills to:

  • Help develop, implement, and maintain a secure software supply chain.
  • Help develop and maintain automated security testing processes, including static code analysis (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and security scanning for containers and infrastructure
  • Help develop and implement automated security testing in the CI/CD pipeline.
  • Collaborate with development and SRE teams to ensure secure coding practices are adhered to.
  • Establish and enforce security standards and best practices.
  • Develop and maintain incident response plans (more specifically for our platform vulnerabilities).
  • Stay current with the latest vulnerabilities, attacks, and countermeasures.
  • Conduct regular security audits and provide improvement recommendations.
  • If possible:
    • Conduct regular threat modelling and risk assessments.

 

Why us: 

  • To be immersed in high-standard engineering culture. 
  • Our fantastic team takes pride in crafting complex technical solutions but also loves sharing their knowledge and helping you grow professionally (we have extraordinary minds at Adaptive, some of us worked at NASA too).
  • You can learn from anyone here, which is the beauty of it.
  • To take part in the growth and development of a great company.
  • Our teams feel free to speak up, make suggestions and raise concerns.
  • Collaborative team environment: we all work together, respect each other, and pitch in
  • Great consideration for work/life balance (highly flexible, hybrid working model, well-being benefits...) Highly flexible working model. The balance between professional and personal life is massively important to us.
  • We work hard to have a positive and collaborative culture and to positively impact our staff and local communities through different well-being, diversity and inclusion programmes.
 

WHAT DO PEOPLE THINK OF US 🗣

You can check our Glassdoor page 🎉 

 

The Hiring Process:

Long interview processes are stressful and boring and that is not us. We want to make sure that everything runs smoothly.

So here you will have three stage interviews:

1) A chat with one of our Talent Acquisition Specialists.

2) A technical assessment interview based on a hands-on exercise/scenario to work through.

3) An informal chat with the local directors.

But don’t worry; everything will be explained to you step by step by your recruiter. 

A little tip for you during those stages: 

Collaboration is massively important to us, so don't hesitate to share your thoughts, ask questions, ask for help if needed, etc 

 

Diversity and inclusion: 

Diversity and inclusion are key to a great workplace, and Adaptive is better when it’s more representative of the world around us. We want everyone to feel comfortable bringing their whole selves to work without any fear of judgment or negativity. 

All we ask is that our colleagues are respectful, collaborative, passionate about what they do, and have the skills needed to be successful in their roles.