Keystone Recruitment Partners Ltd

About This Role We are looking for an experienced contractor to support the design, delivery, and operation of enterprise cloud-native services. The role will focus on Kubernetes-based platforms running on Microsoft Azure, including service mesh, application deployment, observability, security, and production support. Key responsibilities: Build, configure, and support Kubernetes environments on Azure, including AKS. Deploy and manage Spring Boot applications in containerized environments. Work with Istio or similar service mesh technologies for traffic management, security, and observability. Support CI/CD pipelines and infrastructure-as-code practices. Troubleshoot platform, networking, deployment, and application runtime issues. Collaborate with enterprise architecture, security, and operations teams to meet governance and compliance requirements. Contribute to documentation, operational runbooks, and knowledge transfer. Required experience: Strong hands-on experience with Kubernetes and Azure cloud services. Experience with Istio, ingress, service discovery, and cloud-native networking. Good understanding of Spring Boot application deployment and runtime considerations. Familiarity with enterprise IT environments, including change control, security standards, incident management, and stakeholder governance. Experience with CI/CD tooling, container registries, monitoring, logging, and secrets management. Ability to work independently and communicate effectively with both technical and non-technical stakeholders. Desirable experience: Terraform, Helm, GitOps, Azure DevOps, or GitHub Actions. Observability tools such as Prometheus, Grafana, OpenTelemetry, or Azure Monitor. Financial services or other regulated enterprise environments.

About This Role Security Engineer - DevSecOps We are seeking a highly skilled Security Engineer with strong software engineering foundations and deep expertise in secure development practices. The successful candidate will have hands-on experience with source code management, CI/CD pipelines, cloud-native environments, and secure code review processes. You will play a key role in identifying vulnerabilities, improving developer security practices, and embedding security into modern engineering workflows. Required Skills & Experience Technical Skills Expert-level knowledge of Git and modern version control workflows Strong frontend and backend development experience Hands-on application security experience in modern engineering environments Experience performing manual and automated secure code reviews Practical experience with Wiz Code Strong Python scripting and automation skills Experience with Kubernetes security and containerised environments Strong AWS cloud security knowledge Solid understanding of CI/CD pipelines and DevSecOps principles Familiarity with software engineering best practices and SDLC processes Security Expertise Secure coding practices and vulnerability remediation OWASP Top 10 and common application security risks Static and dynamic application security testing concepts Secrets management and dependency security Threat modelling and risk analysis Soft Skills Ability to communicate effectively with developers and engineering leadership Strong analytical and problem-solving skills Collaborative mindset with a pragmatic approach to security Ability to balance security requirements with engineering productivity Preferred Qualifications Experience working in high-scale cloud-native environments Familiarity with Infrastructure as Code (Terraform, CloudFormation, etc.) Knowledge of container security and Kubernetes hardening Experience integrating security tools into developer workflows Ideal Candidate Profile You are someone who: Thinks like an engineer and understands developer challenges Can read, understand, and assess production-grade code Is comfortable working across security, infrastructure, and engineering teams Enjoy improving developer security practices through collaboration rather than gatekeeping Understands modern DevSecOps and cloud-native application architectures