DevSecOps Engineer (London-based) at Capital.com

extra holidays - extra parental leave
Remote: Full Remote
Contract:
Experience: Mid-level (2-5 years)
Work from:

Offer summary

Qualifications:

Proven DevOps and software engineering experience, Hands-on with cloud platforms (AWS, Azure, GCP), Familiarity with Docker and Kubernetes, Proficient in scripting (Python, Bash), Strong understanding of security principles.

Key responsibilities:

  • Develop and maintain secure CI/CD pipelines
  • Implement infrastructure as code securely
  • Manage security monitoring and incident response
  • Ensure compliance with regulations and conduct assessments
  • Collaborate with teams to integrate security practices
Capital.com Fintech: Finance + Technology Scaleup https://capital.com
501 - 1000 Employees

Job description

We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team. 

Are you passionate about safeguarding sensitive information and ensuring the integrity of digital assets? Do you thrive in a dynamic environment where your expertise in security systems management can make a tangible difference? Join us as a DevSecOps Engineer at capital.com!

Key Responsibilities:
  • Designing Secure CI/CD Pipelines: Develop and maintain automated CI/CD pipelines (preferably GitLab) with a focus on security best practices, including SAST/DAST/SCA and vulnerability assessment
  • Infrastructure Security: Implement and maintain infrastructure as code using Terraform / CloudFormation / Ansible, ensuring secure configuration and compliance with industry standards and regulatory requirements
  • Security Monitoring and Incident Response: Set up and manage security monitoring tools to detect and respond to security incidents promptly. Develop incident response playbooks and collaborate with relevant teams to address security incidents effectively
  • Security Compliance: Ensure compliance with industry regulations (PCI DSS, GDPR, local financial regulation) and internal security policies. Conduct regular security assessments and audits to identify and address compliance gaps
  • Security Tooling and Automation: Evaluate, deploy, and manage security tools and technologies to automate security processes and enhance overall security posture. Continuously research and stay updated on emerging threats and security trends.
  • Secrets Management: Design, implement, and maintain robust secrets management solutions and processes using HashiCorp Vault and AWS SM / KMS
  • Collaboration and Knowledge Sharing: Work closely with development, operations, and product teams to embed security into the software development lifecycle. Provide security training and guidance to team members to increase awareness and promote a security-first culture. Maintain comprehensive documentation and playbooks for configuring, operating, and troubleshooting security solutions
  • Risk Management: Participate in risk assessments and threat modelling exercises to identify potential security risks and vulnerabilities. Develop and implement risk mitigation strategies to minimise exposure to security threats.

Requirements:
  • Proven experience in DevOps, software engineering, or related roles, with a focus on security
  • Hands-on experience with cloud platforms (AWS, Azure, GCP), containerisation technologies (Docker, Kubernetes), configuration management (Ansible)
  • Proficiency in scripting and automation using languages such as Python or Bash
  • Strong understanding of security principles, protocols, and standards (e.g., OWASP Top 10, NIST Cybersecurity Framework, CIS Benchmarks)
  • Experience with security testing tools (e.g., Trivy, Prowler, ScoutSuite, SonarQube, OWASP ZAP, Nessus) and vulnerability management processes
  • Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment
  • Knowledge of financial industry regulations and compliance requirements is a plus
  • Demonstrated ability to adapt to a fast-paced, dynamic environment and drive initiatives independently

What you will get in return:
  • You will join a company that cares about work-life balance
  • 25 days annual leave
  • Hybrid type of work (3 days/week from office)
  • Private Medical Insurance for you and your family after probation period
  • Death In Service
  • EAP
  • Season Ticket Loan after probation
  • Cycle to Work after probation
  • Modern and outstanding equipment
  • Annual bonuses
  • Employee referral program
  • Full annual performance assessment.
  • Be a key player at the forefront of the digital assets movement, propelling your career to new heights!
  • Join a dynamic and rapidly expanding company that values and rewards talent, initiative, and creativity.
  • Work alongside one of the most brilliant teams in the industry.

    Required profile

    Experience

    Level of experience: Mid-level (2-5 years)
    Industry :
    Fintech: Finance + Technology
    Spoken language(s):
    Check out the description to know which languages are mandatory.

    Other Skills

    • Verbal Communication Skills
    • Security Policies
    • Adaptability
    • Collaboration
