DevSecOps Engineer

Our hosting team delivers InterSystems’ solutions as hosted or managed services, anywhere in the world.  As more and more clients change to hosted solutions, we are looking for a new DevSecOps engineer. This is a hands-on role for someone who thrives in complex hosting environments. As a DevSecOps Engineer, you’ll work across infrastructure and application layers to identify and remediate vulnerabilities, coordinate with engineering teams, and ensure our systems meet the highest standards of security and compliance. Experience in a hosting provider or managed service provider (MSP) is essential, as you'll be navigating multi-tenant architectures, uptime SLAs, and regulatory frameworks that demand precision and accountability.

The role offers a fantastic opportunity to gain experience across a range of technologies, to solve interesting problems, to be allowed to make improvements, and to be recognized for making a difference.

Benefits Include

• Lucrative Bonus Scheme
• Private Healthcare incl Dental Plan
• Enhanced Pension
• Wellbeing programmes
• Volunteering Days
• Perk & Saving Discounts
• Gym Reimbursements
• 25 days Annual Leave
• Free lunch and more!

Responsibilities

• Lead departmental security compliance initiatives and external audits
• Identify, triage, and remediate vulnerabilities across infrastructure and applications
• Assess and contextualize vulnerabilities by evaluating exploit difficulty, existing controls, and potential impact
• Produce clear, actionable management-level reports that translate technical findings into business risk language
• Collaborate with external CREST-accredited assessors and deliver customer-facing vulnerability summaries
• Coordinate secure changes and maintenance windows with engineering teams
• Respond to security incidents and support root cause analysis and reporting
• Participate in the deployment of new applications and/or changes, ensuring that all service components are documented and monitored and integrated into the company’s operational processes.
• Work with stakeholders across the solutions lifecycle to ensure that pre-operational sign-offs are obtained, so as to ensure that solutions can be operated in a way that meets or exceeds performance targets e.g. security, availability and response times.
• Assist with the troubleshooting of integration issues.
• Consulting with technical stakeholders (including customers) on the delivery of hosted solutions.

Experience & Qualifications

• Good experience in a hosting provider or managed service provider environment
• Strong working knowledge of ISO 27001, ISO 27017, ISO 27018, and ISO 22301
• Hands-on experience with scanning and vulnerability detection applications
• Hands-on experience of Real time threat detection software
• Ability to analyze and explain exploitability of vulnerabilities, including attack vectors, prerequisites, and mitigations
• Skilled in producing executive-level reporting that aligns technical risk with business impact
• Familiarity with healthcare data protection regulations and audit readiness
• Strong communication skills for cross-functional collaboration and customer engagement
• Strong experience in AD GPO development and maintenance, particularly around security
• Good experience of security in both Linux and Windows environments
• Experience of public and private cloud environments
• Hands-on Windows domain and AD management experience
• Strong troubleshooting skills
• Strong scripting skills
• Enthusiasm and talent for acquiring complex technical skills
• Good customer service attitude
• Knowledge of configuration management (Puppet and/or Red Hat Satellite preferred)
• Scripting for automation using technologies (e.g. Powershell, Puppet, Ansible, Python)
• ITIL knowledge – principles and application
• Ability to support and develop junior colleagues