Senior DevSecOps Engineer

🔥 24 minutes ago

🇬🇧 United Kingdom – Remote

💵 £75k - £85k / year

⏰ Full Time

🟠 Senior

⛑ DevOps & Site Reliability Engineer (SRE)

🇬🇧 UK Skilled Worker Visa Sponsor

This company has sponsored UK Skilled Worker visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Arbor Education

WebsiteLinkedInAll Job Openings

51 - 200 employees

📚 Education

🤝 B2B

💰 Private Equity Round on 2020-12

Education • B2B • Software

Arbor Education is a rapidly expanding company dedicated to transforming the way schools operate by freeing staff from administrative tasks and enhancing collaboration. Utilizing a Management Information System (MIS), Arbor Education provides tools to improve school processes and educational outcomes for over 5,000 schools. Their mission-driven team, consisting of ex-teachers, education technology engineers, and specialists, is passionate about providing effective solutions to improve the educational sector. Founded in 2011, Arbor Education is driven by a commitment to innovation and the well-being of teachers and students, along with a dedication to diversity and inclusion in its workforce.

📋 Description

• Collaborate with stakeholders to pinpoint security enhancements across platform architecture and infrastructure, devising and executing strategic plans for implementation • Work closely with the Platform team to embed robust security processes, controls, and tooling across all system components • Threat model new and existing systems — including AI/LLM-enabled features and agentic workflows — and translate findings into prioritised, actionable work • Strengthen our software supply chain: dependency and base-image hygiene, SBOM generation, artefact signing and provenance, and the pinning of third-party actions and packages • Secure the use of AI across the SDLC, ensuring agentic coding tools, assistants, and MCP integrations operate within safe, well-scoped, and auditable boundaries • Contribute to the evolution of deployment frameworks, emphasising security, deployment speed, and system stability • Elevate platform security through strong secrets management and the safe handling of sensitive information • Play an active role in incident response, resolution, and blameless post-mortems, facilitating continuous improvement • Participate in knowledge-sharing initiatives, including tech-talks and team-based learning sessions • Maintain meticulous, current documentation — playbooks, runbooks, and comprehensive systems documentation — to facilitate knowledge dissemination

🎯 Requirements

• Extensive experience in cyber security and associated engineering practices • Vulnerability management and remediation at scale • Proven track record in DevOps / DevSecOps engineering within large-scale platforms • Proficiency in distributed cloud systems, particularly Amazon Web Services • Expertise in Infrastructure as Code (IaC) tooling such as Terraform and CloudFormation • Experience with languages such as PHP, Bash, or Python • Experience with Docker and containerisation, with a working understanding of container and runtime security • Software supply-chain security: SBOMs, dependency scanning, and artefact signing / provenance (e.g. SLSA, Sigstore) • Secrets management and detection (e.g. Vault, cloud-native secret stores, secret-scanning in CI) • Security tooling across the SDLC: SAST, DAST, SCA, IaC scanning, and container scanning (e.g. Snyk, Trivy) • Policy-as-code and guardrails (e.g. OPA / Conftest), with an identity-centric / zero-trust approach to access • Familiarity with monitoring and detection tooling like DataDog, Prometheus, or similar platforms • A proactive problem-solving attitude coupled with strong teamwork and communication skills • Exceptional proficiency in written and spoken English to effectively articulate ideas and concepts. • Practical understanding of AI/LLM security risks and their mitigations — e.g. prompt injection, jailbreaks, insecure output handling, sensitive-data leakage, and excessive agency (aligned to the OWASP Top 10 for LLM Applications) • Experience securing AI-assisted and agentic development tooling: scoping permissions, sandboxing, logging and audit, and preventing secret or data exfiltration through AI agents and MCP servers • Familiarity with AI threat modelling and adversarial techniques (e.g. MITRE ATLAS) and with conducting or supporting AI-aware red teaming • Awareness of AI governance and assurance frameworks (e.g. NIST AI RMF, ISO/IEC 42001) and how they intersect with data-protection obligations for a multi-tenant platform handling children's data • Confident, responsible use of AI tooling to accelerate security work — triage, detection engineering, code review, and documentation — while understanding and accounting for its limitations • Past experience with enterprise solutions running at scale (Bonus) • Familiarity with kanban and agile development processes (Bonus) • Familiarity with software best practices such as Refactoring, Clean Code, Domain-Driven Design, Test-Driven Development, etc. (Bonus) • Experience with compliance frameworks relevant to EdTech (e.g. NIST CSF, ISO 27001, SOC 2, UK GDPR) (Bonus) • Relevant certifications (e.g. AWS Security Specialty, OSCP, or AI security / governance credentials) (Bonus)

🏖️ Benefits

• A dedicated wellbeing team who champion initiatives such as mindfulness, lunch n learns, manager training, mental health first aid training and much more! • 32 days holiday (plus Bank Holidays). This is made up of 25 days annual leave plus 7 extra company wide days given over Easter, Summer & Christmas • Life Assurance paid out at 3x annual salary • Comprehensive wellness benefit provided by AIG Smart Health, which provides a 24/7 virtual GP service, Mental health support, Counselling, and personalised Health Checks • Private Dental Insurance with Bupa • Salary sacrifice Pension provided by Scottish Widows • Enhanced maternity and adoption leave (20 weeks full pay) and paternity (6 weeks full pay) pay • 5 free return to work maternity coaching sessions, helping you adapt to this new exciting time of life! • Access to services such as Calm and Bippit (financial wellbeing coaching) • All of our roles champion flexible working and we are happy to discuss what this means to you • Social committees that plan team, office and company wide events to bring people together and celebrate success • Dedicated professional development training budget (CPD courses, upskilling resources, professional memberships etc) • Volunteer with a charity of your choice for a day each year • Dog friendly offices!