Senior Cloud Security Engineer (London or Bristol) We are HealthHero, Europe's largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe - giving you the chance to shape security at the heart of a fast-growing, AI-driven business. We are recruiting an exciting Senior Cloud Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent - based in either our London or Bristol office two days per week. About the role This role will form a fundamental part of a growing PlatformSecurity function, where the team covers application security, cloud security, security operations, culture and risk management. As a tech-centric organisation the Information Security team will play a critical part in embedding a security-first mindset into application development and continuous application monitoring. This role will co-own the cloud security posture and tooling across HealthHero's AWS and Azure estates and have the opportunity to tackle cloud security with an international scope. The role will be supported by a multidisciplinary force of Infrastructure, Data Governance and Engineering team leads with a security focus as part of their remit. The role has a focus on infrastructure and cloud networking when it comes to security posture. As an experienced Cloud Security Engineer, your working day will include but not be limited to: DevSecOps & SDLC Champion integration of security testing into CI/CD pipelines across all development teams and usage of automated security gates: SAST, DAST, dependency scanning, secrets detection Enable self-serve security tooling for development teams Ability to set up development environment Cloud Security Own cloud security posture management using Wiz (or similar CSPM) Define and enforce cloud security baselines, guardrails, and policies in AWS Implement and maintain IaC security scanning for Terraform Manage IAM policies, network segmentation, and secrets management Configure and tune SIEM (or similar) for cloud-focused detection Establish logging, monitoring, and alerting requirements based on threat modelling Investigate and respond to cloud security events Risk & Compliance Identify, articulate, and escalate security risks to senior leadership with mitigation plans Track and remediate vulnerabilities across infrastructure Manage customer initiatives related to due diligence when required to Support and develop annual programme of Penetration Testing and associated remediations Stakeholder Engagement Partner with internal and stakeholder management to support any requirements from the security function - particularly governance and accreditation requirements across different countries Provide expertise on emerging threats and vulnerabilities Support response to customer/client due diligence requests with timely and accurate information regarding vulnerability exposure Key Skills and Experience Essential Proven experience in application security, DevSecOps, or cloud security Strong understanding of cloud networking Experience securing cloud environments (AWS, Azure) Ability to read and write IAC (Terraform) code, comfortable with IAC lifecycles Familiarity with container security and Kubernetes Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis Understanding of managing Secure Development Lifecycle and Vulnerability Management. Understanding and practical experience of ISO27001:2022 controls and audit processes Desirable AWS Security Specialty or similar certification Experience in regulated environments (healthcare, financial services) Familiarity with NHS DSPT Technical knowledge of GDPR and data protection requirements Hands-on with CI/CD security tooling and pipeline integration Interest in learning other countries health and security regulations (France / UK / IR / DE) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero is Europe's largest digital health provider , delivering 4 million consultations per year. But we're just getting started. We've built a seamless digital clinic that brings body and mind together - from GP appointments and mental health support to long-term condition management. By sitting behind the world's leading insurers and employers and supporting public health systems, we make it easier for millions of people to get the care they need, exactly when they need it. We are a high-growth, capital-backed business with a sophisticated scale strategy. Our team is a unique blend of those with strong digital experience, management consultants, creatives and industry-leading clinical experts. We aren't just digitising appointments; we're building the next generation of healthcare. We're creating an AI-powered, always-on ecosystem that learns from every interaction to shift the needle from reactive treatment to proactive, sustainable health. At HealthHero, we are digital when it should be and human where it counts. Join us, and help build a next generation health system the world is waiting for. We're proud to be recognised as a which reflects our commitment to creating a supportive and engaging culture. We have also been featured as the fastest growing digital healthcare company of scale in the first Sunday Times 100 Tech list. This recognition shows our impact in the digital health sector and our dedication to innovation and excellence. Committed to achieving excellence in the delivery of person-centred care, we invest in people, resources and technology to continuously improve the quality of its services and organisational culture.
Jun 09, 2026
Full time
Senior Cloud Security Engineer (London or Bristol) We are HealthHero, Europe's largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe - giving you the chance to shape security at the heart of a fast-growing, AI-driven business. We are recruiting an exciting Senior Cloud Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent - based in either our London or Bristol office two days per week. About the role This role will form a fundamental part of a growing PlatformSecurity function, where the team covers application security, cloud security, security operations, culture and risk management. As a tech-centric organisation the Information Security team will play a critical part in embedding a security-first mindset into application development and continuous application monitoring. This role will co-own the cloud security posture and tooling across HealthHero's AWS and Azure estates and have the opportunity to tackle cloud security with an international scope. The role will be supported by a multidisciplinary force of Infrastructure, Data Governance and Engineering team leads with a security focus as part of their remit. The role has a focus on infrastructure and cloud networking when it comes to security posture. As an experienced Cloud Security Engineer, your working day will include but not be limited to: DevSecOps & SDLC Champion integration of security testing into CI/CD pipelines across all development teams and usage of automated security gates: SAST, DAST, dependency scanning, secrets detection Enable self-serve security tooling for development teams Ability to set up development environment Cloud Security Own cloud security posture management using Wiz (or similar CSPM) Define and enforce cloud security baselines, guardrails, and policies in AWS Implement and maintain IaC security scanning for Terraform Manage IAM policies, network segmentation, and secrets management Configure and tune SIEM (or similar) for cloud-focused detection Establish logging, monitoring, and alerting requirements based on threat modelling Investigate and respond to cloud security events Risk & Compliance Identify, articulate, and escalate security risks to senior leadership with mitigation plans Track and remediate vulnerabilities across infrastructure Manage customer initiatives related to due diligence when required to Support and develop annual programme of Penetration Testing and associated remediations Stakeholder Engagement Partner with internal and stakeholder management to support any requirements from the security function - particularly governance and accreditation requirements across different countries Provide expertise on emerging threats and vulnerabilities Support response to customer/client due diligence requests with timely and accurate information regarding vulnerability exposure Key Skills and Experience Essential Proven experience in application security, DevSecOps, or cloud security Strong understanding of cloud networking Experience securing cloud environments (AWS, Azure) Ability to read and write IAC (Terraform) code, comfortable with IAC lifecycles Familiarity with container security and Kubernetes Understanding of secure coding, penetration testing techniques, SIEM, and vulnerability management Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security and risk analysis Understanding of managing Secure Development Lifecycle and Vulnerability Management. Understanding and practical experience of ISO27001:2022 controls and audit processes Desirable AWS Security Specialty or similar certification Experience in regulated environments (healthcare, financial services) Familiarity with NHS DSPT Technical knowledge of GDPR and data protection requirements Hands-on with CI/CD security tooling and pipeline integration Interest in learning other countries health and security regulations (France / UK / IR / DE) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero is Europe's largest digital health provider , delivering 4 million consultations per year. But we're just getting started. We've built a seamless digital clinic that brings body and mind together - from GP appointments and mental health support to long-term condition management. By sitting behind the world's leading insurers and employers and supporting public health systems, we make it easier for millions of people to get the care they need, exactly when they need it. We are a high-growth, capital-backed business with a sophisticated scale strategy. Our team is a unique blend of those with strong digital experience, management consultants, creatives and industry-leading clinical experts. We aren't just digitising appointments; we're building the next generation of healthcare. We're creating an AI-powered, always-on ecosystem that learns from every interaction to shift the needle from reactive treatment to proactive, sustainable health. At HealthHero, we are digital when it should be and human where it counts. Join us, and help build a next generation health system the world is waiting for. We're proud to be recognised as a which reflects our commitment to creating a supportive and engaging culture. We have also been featured as the fastest growing digital healthcare company of scale in the first Sunday Times 100 Tech list. This recognition shows our impact in the digital health sector and our dedication to innovation and excellence. Committed to achieving excellence in the delivery of person-centred care, we invest in people, resources and technology to continuously improve the quality of its services and organisational culture.
Working for a Tier 1 bank 2-3 days in Sheffield non negotiable Qualifications - External To be successful in this role, you should meet the following requirements of full stack engineer In-dept knowledge of java 8/11, microservices architecture, Spring boot and Postgres and Oracle Very good understanding of containers and Container Orchestration technology such as Docker/Kubernetes and GCP Cloud platform. Hands-on experience with Unix, Git, Jenkins, Maven Proficiency in using JIRA and Confluence Comprehensive knowledge of modern DevSecOps Tools and Techniques. Extensive experience of working in Agile Teams, Job Title: Java Developer (Sheffield) Location: Sheffield, UK Job Type: Contract Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. (phone number removed). Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at (url removed)> To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to (url removed)> We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice at (url removed)/en-gb/privacy-notices for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Jun 09, 2026
Contractor
Working for a Tier 1 bank 2-3 days in Sheffield non negotiable Qualifications - External To be successful in this role, you should meet the following requirements of full stack engineer In-dept knowledge of java 8/11, microservices architecture, Spring boot and Postgres and Oracle Very good understanding of containers and Container Orchestration technology such as Docker/Kubernetes and GCP Cloud platform. Hands-on experience with Unix, Git, Jenkins, Maven Proficiency in using JIRA and Confluence Comprehensive knowledge of modern DevSecOps Tools and Techniques. Extensive experience of working in Agile Teams, Job Title: Java Developer (Sheffield) Location: Sheffield, UK Job Type: Contract Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. (phone number removed). Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at (url removed)> To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to (url removed)> We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice at (url removed)/en-gb/privacy-notices for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
DevSecOps Consultant Sheffield (3 days per week onsite) Inside IR35 We're partnering with a leading financial services client to appoint a DevSecOps Consultant to drive secure engineering practices across large-scale, cloud-based platforms. This role is ideal for someone who has come from a hands-on DevSecOps Engineering background and has since transitioned into architecture/design and advisory, while still retaining strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish and enforce security baselines using policy-as-code Build and deliver security roadmaps, prioritising risk and regulatory requirements Partner with engineering and platform teams to remediate vulnerabilities and improve security posture Act as a trusted advisor to senior stakeholders, translating technical risks into business impact Key Requirements: Proven background in hands-on DevSecOps Engineering, now operating in a design/architecture-focused role Strong experience across both AWS and GCP (essential) Deep understanding of CI/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience in financial services or regulated environments Knowledge of Kubernetes and container security Familiarity with supply chain security, SBOM, and secure development practices Relevant certifications (eg CISSP, CISM, CCSP) This is a key role focused on shaping and embedding secure-by-design engineering practices across a complex, enterprise environment, with strong influence across both technology and security functions. More details available on successful application.
Jun 09, 2026
Contractor
DevSecOps Consultant Sheffield (3 days per week onsite) Inside IR35 We're partnering with a leading financial services client to appoint a DevSecOps Consultant to drive secure engineering practices across large-scale, cloud-based platforms. This role is ideal for someone who has come from a hands-on DevSecOps Engineering background and has since transitioned into architecture/design and advisory, while still retaining strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish and enforce security baselines using policy-as-code Build and deliver security roadmaps, prioritising risk and regulatory requirements Partner with engineering and platform teams to remediate vulnerabilities and improve security posture Act as a trusted advisor to senior stakeholders, translating technical risks into business impact Key Requirements: Proven background in hands-on DevSecOps Engineering, now operating in a design/architecture-focused role Strong experience across both AWS and GCP (essential) Deep understanding of CI/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience in financial services or regulated environments Knowledge of Kubernetes and container security Familiarity with supply chain security, SBOM, and secure development practices Relevant certifications (eg CISSP, CISM, CCSP) This is a key role focused on shaping and embedding secure-by-design engineering practices across a complex, enterprise environment, with strong influence across both technology and security functions. More details available on successful application.
Associate Consultant Secure Cloud / GCP / GDC DevSecOps Join RT Consultings Associate Consulting workforce Who we are RT Consulting are a trusted management consultancy and service provider. We are proud to hold the Gold Award under the Armed Forces Employer Recognition Scheme. RT are a member of the Government Digital Sustainability Alliance, bringing government, industry, and academia together to click apply for full job details
Jun 08, 2026
Contractor
Associate Consultant Secure Cloud / GCP / GDC DevSecOps Join RT Consultings Associate Consulting workforce Who we are RT Consulting are a trusted management consultancy and service provider. We are proud to hold the Gold Award under the Armed Forces Employer Recognition Scheme. RT are a member of the Government Digital Sustainability Alliance, bringing government, industry, and academia together to click apply for full job details
Associate Consultant - Secure Cloud / GCP / GDC DevSecOps Join RT Consulting's Associate Consulting workforce Who we are RT Consulting are a trusted management consultancy and service provider. We are proud to hold the Gold Award under the Armed Forces Employer Recognition Scheme. RT are a member of the Government Digital Sustainability Alliance, bringing government, industry, and academia together to improve digital sustainability outcomes for the UK government and its supply chain We deliver highly capable and effective value for money solutions to our clients as the 'customer friend' and trusted partner across Defence, Policing, Central and Local Government. We deploy consultants who ensure alignment with Government policy, stakeholder expectations, and long-term impact goals. We specialise in the delivery of Cloud & Digital Infrastructure services , including multi-cloud engineering (AWS, Azure, GCP), secure cloud platforms, DevSecOps and automation, Site Reliability Engineering, digital workplace technologies, and resilient, scalable infrastructure operations across complex and regulated environments. Your Invitation: We invite you to join our Cloud & Digital Infrastructure consulting team , where we can align you to current and upcoming demand across cloud engineering, secure platform engineering, DevSecOps/SRE, and modern infrastructure transformation. We are particularly building capability in: Google Cloud Platform (GCP) Google Distributed Cloud (GDC) / air-gapped deployments Secure-by-design cloud engineering for Defence and high-assurance environments Kubernetes, containerisation, and Infrastructure-as-Code (Terraform) This includes supporting surge activity for our defence partners delivering secure cloud services into secure environments. Engagement expectations Vetting: Due to the regulated nature of our work and our significant defence portfolio, a minimum of active SC clearance is required. DV-cleared professionals are also in high demand for secure, air-gapped GDC programmes. Working pattern: Projects typically require 2-3 days per week on-site at Southwest client locations including, Corsham & Bristol, with hybrid flexibility where permitted. Fees: Rates are aligned to engagement scope and seniority. What you'll get You join a community of specialists across Defence, Government, Policing and wider Public Sector programmes, where knowledge sharing, peer support and professional connection are part of the culture. Priority access to new consultancy opportunities, including secure GCP/GDC, DevSecOps and platform engineering workstreams. Dedicated relationship support, Ongoing contact with a Relationship Manager who provides guidance, check-ins and forward planning to help minimise gaps between assignments. An invitation to Society events, meetups and community touchpoints, we aim to ensure you feel supported, valued and engaged throughout your consultancy journey. A consultancy environment that reflects our Group Values - Integrity & Respect, Accountability, Collaboration, High Performance, Innovation, Agility, Client Centricity & People Focused. Who you are An experienced Cloud / Platform Engineering professional with capability in one or more of the following: Google Cloud Platform (GCP) or Google Distributed Cloud (GDC) DevOps, DevSecOps or Site Reliability Engineering (SRE) Platform Engineering and secure cloud design Kubernetes and container platforms (GKE / secure clusters) Infrastructure-as-Code (Terraform) Secure cloud operations (IAM, RBAC, networking, secrets management) You are comfortable working within secure, regulated environments and collaborating directly with users and stakeholders to deliver cloud capability at pace. You will need to be well versed in the direction of travel from Government, focused on digital transformation to enhance public services, improve efficiency, and meet the evolving expectations of its citizens. This shift involves modernising outdated systems, leveraging data effectively, and adopting new technologies like Artificial Intelligence (AI). The goal is a more agile, responsive, and citizen-centric government. You are comfortable operating in high-assurance, regulated environments, capable of working independently within secure delivery teams, and adept at designing, deploying and maintaining secure, modern cloud platforms. How to express interest Contact us to arrange a confidential conversation.
Jun 07, 2026
Contractor
Associate Consultant - Secure Cloud / GCP / GDC DevSecOps Join RT Consulting's Associate Consulting workforce Who we are RT Consulting are a trusted management consultancy and service provider. We are proud to hold the Gold Award under the Armed Forces Employer Recognition Scheme. RT are a member of the Government Digital Sustainability Alliance, bringing government, industry, and academia together to improve digital sustainability outcomes for the UK government and its supply chain We deliver highly capable and effective value for money solutions to our clients as the 'customer friend' and trusted partner across Defence, Policing, Central and Local Government. We deploy consultants who ensure alignment with Government policy, stakeholder expectations, and long-term impact goals. We specialise in the delivery of Cloud & Digital Infrastructure services , including multi-cloud engineering (AWS, Azure, GCP), secure cloud platforms, DevSecOps and automation, Site Reliability Engineering, digital workplace technologies, and resilient, scalable infrastructure operations across complex and regulated environments. Your Invitation: We invite you to join our Cloud & Digital Infrastructure consulting team , where we can align you to current and upcoming demand across cloud engineering, secure platform engineering, DevSecOps/SRE, and modern infrastructure transformation. We are particularly building capability in: Google Cloud Platform (GCP) Google Distributed Cloud (GDC) / air-gapped deployments Secure-by-design cloud engineering for Defence and high-assurance environments Kubernetes, containerisation, and Infrastructure-as-Code (Terraform) This includes supporting surge activity for our defence partners delivering secure cloud services into secure environments. Engagement expectations Vetting: Due to the regulated nature of our work and our significant defence portfolio, a minimum of active SC clearance is required. DV-cleared professionals are also in high demand for secure, air-gapped GDC programmes. Working pattern: Projects typically require 2-3 days per week on-site at Southwest client locations including, Corsham & Bristol, with hybrid flexibility where permitted. Fees: Rates are aligned to engagement scope and seniority. What you'll get You join a community of specialists across Defence, Government, Policing and wider Public Sector programmes, where knowledge sharing, peer support and professional connection are part of the culture. Priority access to new consultancy opportunities, including secure GCP/GDC, DevSecOps and platform engineering workstreams. Dedicated relationship support, Ongoing contact with a Relationship Manager who provides guidance, check-ins and forward planning to help minimise gaps between assignments. An invitation to Society events, meetups and community touchpoints, we aim to ensure you feel supported, valued and engaged throughout your consultancy journey. A consultancy environment that reflects our Group Values - Integrity & Respect, Accountability, Collaboration, High Performance, Innovation, Agility, Client Centricity & People Focused. Who you are An experienced Cloud / Platform Engineering professional with capability in one or more of the following: Google Cloud Platform (GCP) or Google Distributed Cloud (GDC) DevOps, DevSecOps or Site Reliability Engineering (SRE) Platform Engineering and secure cloud design Kubernetes and container platforms (GKE / secure clusters) Infrastructure-as-Code (Terraform) Secure cloud operations (IAM, RBAC, networking, secrets management) You are comfortable working within secure, regulated environments and collaborating directly with users and stakeholders to deliver cloud capability at pace. You will need to be well versed in the direction of travel from Government, focused on digital transformation to enhance public services, improve efficiency, and meet the evolving expectations of its citizens. This shift involves modernising outdated systems, leveraging data effectively, and adopting new technologies like Artificial Intelligence (AI). The goal is a more agile, responsive, and citizen-centric government. You are comfortable operating in high-assurance, regulated environments, capable of working independently within secure delivery teams, and adept at designing, deploying and maintaining secure, modern cloud platforms. How to express interest Contact us to arrange a confidential conversation.
AWS DevOps Engineer - Cloud Native SC Cleared AWS Kubernetes Terraform Cloud Native Engineering Location: London Manchester Bristol (Hybrid Working) Salary: Consultant: 70,000 - 80,000 Senior Consultant: 80,000 - 90,000 + Bonus Security Clearance: Active SC Clearance Required Headcount: 10 Positions Available Build and Scale Mission-Critical Cloud Platforms We are hiring multiple AWS Cloud Native DevOps Engineers to join a leading cloud and engineering practice delivering secure, scalable, cloud-native solutions across complex, high-profile programmes. This is an opportunity to work on large-scale cloud transformation initiatives where automation, resilience, security, and performance are critical. You will work alongside highly skilled engineers using modern DevOps tooling and cloud-native technologies to build and optimise enterprise AWS environments. If you are passionate about cloud engineering, infrastructure automation, CI/CD, and platform reliability, this role offers the chance to work on meaningful projects while accelerating your technical and professional development. The Role You will be responsible for: Designing, building, and managing AWS cloud environments Developing Infrastructure as Code using Terraform, CloudFormation, or Pulumi Building and maintaining CI/CD pipelines using tools such as GitLab CI, Jenkins, or ArgoCD Deploying and managing containerised workloads with Docker and Kubernetes Implementing monitoring, logging, and observability solutions using Prometheus, Grafana, ELK, and CloudWatch Improving platform scalability, automation, resilience, and security Working within Agile delivery teams across complex transformation programmes Supporting DevSecOps and Zero Trust security best practices Skills and Experience We are looking for engineers with experience in: AWS cloud infrastructure deployment and management Infrastructure as Code (Terraform, CloudFormation, or Pulumi) CI/CD pipeline engineering Docker and Kubernetes Scripting and automation using Python, Bash, or PowerShell AWS networking including VPCs, subnets, and security groups Monitoring and observability tooling Troubleshooting and optimising cloud infrastructure Working within secure or regulated environments What's on Offer Exposure to enterprise-scale cloud transformation programmes Access to industry-leading training and certifications Clear progression opportunities across engineering and consulting pathways Flexible hybrid working model Collaborative engineering culture focused on innovation and continuous improvement Opportunity to work on nationally significant projects using modern cloud technologies Security Clearance Due to the nature of the work, candidates must hold active UK SC Clearance to be considered. Apply If you are an AWS DevOps Engineer looking to work on complex cloud-native projects within a high-performing engineering environment, apply now for a confidential discussion.
Jun 06, 2026
Full time
AWS DevOps Engineer - Cloud Native SC Cleared AWS Kubernetes Terraform Cloud Native Engineering Location: London Manchester Bristol (Hybrid Working) Salary: Consultant: 70,000 - 80,000 Senior Consultant: 80,000 - 90,000 + Bonus Security Clearance: Active SC Clearance Required Headcount: 10 Positions Available Build and Scale Mission-Critical Cloud Platforms We are hiring multiple AWS Cloud Native DevOps Engineers to join a leading cloud and engineering practice delivering secure, scalable, cloud-native solutions across complex, high-profile programmes. This is an opportunity to work on large-scale cloud transformation initiatives where automation, resilience, security, and performance are critical. You will work alongside highly skilled engineers using modern DevOps tooling and cloud-native technologies to build and optimise enterprise AWS environments. If you are passionate about cloud engineering, infrastructure automation, CI/CD, and platform reliability, this role offers the chance to work on meaningful projects while accelerating your technical and professional development. The Role You will be responsible for: Designing, building, and managing AWS cloud environments Developing Infrastructure as Code using Terraform, CloudFormation, or Pulumi Building and maintaining CI/CD pipelines using tools such as GitLab CI, Jenkins, or ArgoCD Deploying and managing containerised workloads with Docker and Kubernetes Implementing monitoring, logging, and observability solutions using Prometheus, Grafana, ELK, and CloudWatch Improving platform scalability, automation, resilience, and security Working within Agile delivery teams across complex transformation programmes Supporting DevSecOps and Zero Trust security best practices Skills and Experience We are looking for engineers with experience in: AWS cloud infrastructure deployment and management Infrastructure as Code (Terraform, CloudFormation, or Pulumi) CI/CD pipeline engineering Docker and Kubernetes Scripting and automation using Python, Bash, or PowerShell AWS networking including VPCs, subnets, and security groups Monitoring and observability tooling Troubleshooting and optimising cloud infrastructure Working within secure or regulated environments What's on Offer Exposure to enterprise-scale cloud transformation programmes Access to industry-leading training and certifications Clear progression opportunities across engineering and consulting pathways Flexible hybrid working model Collaborative engineering culture focused on innovation and continuous improvement Opportunity to work on nationally significant projects using modern cloud technologies Security Clearance Due to the nature of the work, candidates must hold active UK SC Clearance to be considered. Apply If you are an AWS DevOps Engineer looking to work on complex cloud-native projects within a high-performing engineering environment, apply now for a confidential discussion.
AWS Cloud Native DevOps Engineer SC Cleared AWS Kubernetes Terraform Locations: Manchester London Bristol (Hybrid) Salary: Consultant: 70,000 - 80,000 Senior Consultant: 80,000 - 90,000 + Bonus Security Clearance: Active SC Clearance Required Headcount: 10 Positions The Opportunity We are hiring AWS Cloud Native DevOps Engineers to join a leading cloud engineering practice delivering secure, scalable, mission-critical solutions across major transformation programmes. This role offers the opportunity to work with modern cloud-native technologies, enterprise AWS platforms, and highly skilled engineering teams focused on automation, resilience, and security. What You'll Be Doing Designing, building, and managing AWS cloud infrastructure Developing Infrastructure as Code using Terraform, CloudFormation, or Pulumi Building and maintaining CI/CD pipelines using GitLab CI, Jenkins, or ArgoCD Managing containerised environments with Docker and Kubernetes Implementing monitoring and observability solutions including Prometheus, Grafana, ELK, and CloudWatch Improving platform scalability, automation, performance, and security Working within Agile delivery teams on large-scale cloud programmes Supporting DevSecOps and Zero Trust security best practices Skills Required Strong AWS infrastructure experience Infrastructure as Code expertise CI/CD pipeline engineering Docker and Kubernetes Python, Bash, or PowerShell scripting AWS networking knowledge including VPCs and security groups Monitoring and logging experience Strong troubleshooting and problem-solving skills Experience working in secure or regulated environments What's On Offer Enterprise-scale cloud transformation projects Modern engineering environment and tooling Access to training and certifications Clear progression opportunities Flexible hybrid working Collaborative and high-performing engineering culture Clearance Requirement Candidates must hold active UK SC Clearance to be considered. Apply If you are an AWS DevOps Engineer looking for your next challenge in cloud-native engineering, apply now for a confidential discussion.
Jun 06, 2026
Full time
AWS Cloud Native DevOps Engineer SC Cleared AWS Kubernetes Terraform Locations: Manchester London Bristol (Hybrid) Salary: Consultant: 70,000 - 80,000 Senior Consultant: 80,000 - 90,000 + Bonus Security Clearance: Active SC Clearance Required Headcount: 10 Positions The Opportunity We are hiring AWS Cloud Native DevOps Engineers to join a leading cloud engineering practice delivering secure, scalable, mission-critical solutions across major transformation programmes. This role offers the opportunity to work with modern cloud-native technologies, enterprise AWS platforms, and highly skilled engineering teams focused on automation, resilience, and security. What You'll Be Doing Designing, building, and managing AWS cloud infrastructure Developing Infrastructure as Code using Terraform, CloudFormation, or Pulumi Building and maintaining CI/CD pipelines using GitLab CI, Jenkins, or ArgoCD Managing containerised environments with Docker and Kubernetes Implementing monitoring and observability solutions including Prometheus, Grafana, ELK, and CloudWatch Improving platform scalability, automation, performance, and security Working within Agile delivery teams on large-scale cloud programmes Supporting DevSecOps and Zero Trust security best practices Skills Required Strong AWS infrastructure experience Infrastructure as Code expertise CI/CD pipeline engineering Docker and Kubernetes Python, Bash, or PowerShell scripting AWS networking knowledge including VPCs and security groups Monitoring and logging experience Strong troubleshooting and problem-solving skills Experience working in secure or regulated environments What's On Offer Enterprise-scale cloud transformation projects Modern engineering environment and tooling Access to training and certifications Clear progression opportunities Flexible hybrid working Collaborative and high-performing engineering culture Clearance Requirement Candidates must hold active UK SC Clearance to be considered. Apply If you are an AWS DevOps Engineer looking for your next challenge in cloud-native engineering, apply now for a confidential discussion.
Application Security Engineer (London or Bristol) We are HealthHero, Europe's largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe - giving you the chance to shape security at the heart of a fast-growing, AI-driven business. We are recruiting an exciting Application Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent - based in either our London or Bristol office two days per week. About the role You will own security across the software development lifecycle, embedding automated security testing into CI/CD pipelines and enabling development teams to ship secure code quickly. This role works closely with UK and France engineering teams. As an experienced Application Security Engineer, your working day will include but not be limited to: DevSecOps & Pipeline Security Implement and maintain security testing in GitLab CI pipelines Configure and tune SAST, DAST, dependency scanning, and secrets detection Build automated security gates that balance rigour with delivery velocity Enable self-serve security tooling for development teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security-focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch and track application vulnerabilities through to remediation Manage dependency vulnerabilities and upgrade cycles Report on application security posture to senior leadership Risk & Compliance Embed GDPR and healthcare regulatory requirements into development processes Support DCB0129 clinical safety compliance for software changes Support customer security due diligence and audits Support ISO27001:2022 ISMS controls and audit process Key Skills and Experience Essential: 3+ years in application security, DevSecOps, and secure software development Hands-on experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able to translate security requirements for developers Desirable: Development background with security focus Familiarity with SIEM platforms (Snowbit, Splunk, Sentinel) Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero is Europe's largest digital health provider , delivering 4 million consultations per year. But we're just getting started. We've built a seamless digital clinic that brings body and mind together - from GP appointments and mental health support to long-term condition management. By sitting behind the world's leading insurers and employers and supporting public health systems, we make it easier for millions of people to get the care they need, exactly when they need it. We are a high-growth, capital-backed business with a sophisticated scale strategy. Our team is a unique blend of those with strong digital experience, management consultants, creatives and industry-leading clinical experts. We aren't just digitising appointments; we're building the next generation of healthcare. We're creating an AI-powered, always-on ecosystem that learns from every interaction to shift the needle from reactive treatment to proactive, sustainable health. At HealthHero, we are digital when it should be and human where it counts. Join us, and help build a next generation health system the world is waiting for. We're proud to be recognised as a which reflects our commitment to creating a supportive and engaging culture. We have also been featured as the fastest growing digital healthcare company of scale in the first Sunday Times 100 Tech list. This recognition shows our impact in the digital health sector and our dedication to innovation and excellence. Committed to achieving excellence in the delivery of person-centred care, we invest in people, resources and technology to continuously improve the quality of its services and organisational culture. What we offer A full induction training programme, which will be undertaken via Microsoft Teams. An opportunity to work as part of an experienced team who are passionate in their field, supportive, diverse and dynamic. 25 days leave. Bank Holidays and your birthday off as leave. Regular 1-2-1s with your line Manager. 24/7 on-call staff support. Auto-enrolment pension scheme. Health Scheme and access to our Employee Assistance Programme. Life Insurance Scheme. Apply If you are interested in making a difference and believe this role is a good fit for you, we would love to hear from you. If you have any questions, please contact our Recruitment Team at Hybrid: London or Bristol (There is a requirement to work in the office for a minimum of two days per week) Closing date for applications: Friday 29 May (5pm) Additional information We reserve the right to close this job in the event we receive a sufficient number of applications. Please note that we are unfortunately unable to offer a sponsor licence to candidates who require sponsorship from their employer.
Jun 06, 2026
Full time
Application Security Engineer (London or Bristol) We are HealthHero, Europe's largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe - giving you the chance to shape security at the heart of a fast-growing, AI-driven business. We are recruiting an exciting Application Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent - based in either our London or Bristol office two days per week. About the role You will own security across the software development lifecycle, embedding automated security testing into CI/CD pipelines and enabling development teams to ship secure code quickly. This role works closely with UK and France engineering teams. As an experienced Application Security Engineer, your working day will include but not be limited to: DevSecOps & Pipeline Security Implement and maintain security testing in GitLab CI pipelines Configure and tune SAST, DAST, dependency scanning, and secrets detection Build automated security gates that balance rigour with delivery velocity Enable self-serve security tooling for development teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security-focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch and track application vulnerabilities through to remediation Manage dependency vulnerabilities and upgrade cycles Report on application security posture to senior leadership Risk & Compliance Embed GDPR and healthcare regulatory requirements into development processes Support DCB0129 clinical safety compliance for software changes Support customer security due diligence and audits Support ISO27001:2022 ISMS controls and audit process Key Skills and Experience Essential: 3+ years in application security, DevSecOps, and secure software development Hands-on experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able to translate security requirements for developers Desirable: Development background with security focus Familiarity with SIEM platforms (Snowbit, Splunk, Sentinel) Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero is Europe's largest digital health provider , delivering 4 million consultations per year. But we're just getting started. We've built a seamless digital clinic that brings body and mind together - from GP appointments and mental health support to long-term condition management. By sitting behind the world's leading insurers and employers and supporting public health systems, we make it easier for millions of people to get the care they need, exactly when they need it. We are a high-growth, capital-backed business with a sophisticated scale strategy. Our team is a unique blend of those with strong digital experience, management consultants, creatives and industry-leading clinical experts. We aren't just digitising appointments; we're building the next generation of healthcare. We're creating an AI-powered, always-on ecosystem that learns from every interaction to shift the needle from reactive treatment to proactive, sustainable health. At HealthHero, we are digital when it should be and human where it counts. Join us, and help build a next generation health system the world is waiting for. We're proud to be recognised as a which reflects our commitment to creating a supportive and engaging culture. We have also been featured as the fastest growing digital healthcare company of scale in the first Sunday Times 100 Tech list. This recognition shows our impact in the digital health sector and our dedication to innovation and excellence. Committed to achieving excellence in the delivery of person-centred care, we invest in people, resources and technology to continuously improve the quality of its services and organisational culture. What we offer A full induction training programme, which will be undertaken via Microsoft Teams. An opportunity to work as part of an experienced team who are passionate in their field, supportive, diverse and dynamic. 25 days leave. Bank Holidays and your birthday off as leave. Regular 1-2-1s with your line Manager. 24/7 on-call staff support. Auto-enrolment pension scheme. Health Scheme and access to our Employee Assistance Programme. Life Insurance Scheme. Apply If you are interested in making a difference and believe this role is a good fit for you, we would love to hear from you. If you have any questions, please contact our Recruitment Team at Hybrid: London or Bristol (There is a requirement to work in the office for a minimum of two days per week) Closing date for applications: Friday 29 May (5pm) Additional information We reserve the right to close this job in the event we receive a sufficient number of applications. Please note that we are unfortunately unable to offer a sponsor licence to candidates who require sponsorship from their employer.
DevSecOps Consultant Sheffield (3 days per week onsite) Inside IR35 We're partnering with a leading financial services client to appoint a DevSecOps Consultant to drive secure engineering practices across large-scale, cloud-based platforms. This role is ideal for someone who has come from a hands-on DevSecOps Engineering background and has since transitioned into architecture/design and advisory, while still retaining strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish and enforce security baselines using policy-as-code Build and deliver security roadmaps, prioritising risk and regulatory requirements Partner with engineering and platform teams to remediate vulnerabilities and improve security posture Act as a trusted advisor to senior stakeholders, translating technical risks into business impact Key Requirements: Proven background in hands-on DevSecOps Engineering, now operating in a design/architecture-focused role Strong experience across both AWS and GCP (essential) Deep understanding of CI/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience in financial services or regulated environments Knowledge of Kubernetes and container security Familiarity with supply chain security, SBOM, and secure development practices Relevant certifications (eg CISSP, CISM, CCSP) This is a key role focused on shaping and embedding secure-by-design engineering practices across a complex, enterprise environment, with strong influence across both technology and security functions. More details available on successful application.
Jun 05, 2026
Contractor
DevSecOps Consultant Sheffield (3 days per week onsite) Inside IR35 We're partnering with a leading financial services client to appoint a DevSecOps Consultant to drive secure engineering practices across large-scale, cloud-based platforms. This role is ideal for someone who has come from a hands-on DevSecOps Engineering background and has since transitioned into architecture/design and advisory, while still retaining strong technical depth. Key Responsibilities: Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments) Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines Develop and embed DevSecOps best practices, including secure pipeline design and automated controls Establish and enforce security baselines using policy-as-code Build and deliver security roadmaps, prioritising risk and regulatory requirements Partner with engineering and platform teams to remediate vulnerabilities and improve security posture Act as a trusted advisor to senior stakeholders, translating technical risks into business impact Key Requirements: Proven background in hands-on DevSecOps Engineering, now operating in a design/architecture-focused role Strong experience across both AWS and GCP (essential) Deep understanding of CI/CD pipelines, build tools, artifact repositories, and developer platforms Expertise in secure software delivery, vulnerability management, and platform security Experience with threat modelling, security frameworks, and maturity assessments Strong knowledge of application security, network security, and cloud security principles Excellent stakeholder management and communication skills Desirable: Experience in financial services or regulated environments Knowledge of Kubernetes and container security Familiarity with supply chain security, SBOM, and secure development practices Relevant certifications (eg CISSP, CISM, CCSP) This is a key role focused on shaping and embedding secure-by-design engineering practices across a complex, enterprise environment, with strong influence across both technology and security functions. More details available on successful application.
Job Description: DevSecOps Engineer Location: London (Hybrid) Engagement Type: Day Rate Contract (Inside IR35) The Assignment This is a high-impact, tactical consulting role. Our client has security tooling in flightincluding Snyk, SonarQube, and automated pipelinesbut they need an consultant to make it land click apply for full job details
Jun 05, 2026
Full time
Job Description: DevSecOps Engineer Location: London (Hybrid) Engagement Type: Day Rate Contract (Inside IR35) The Assignment This is a high-impact, tactical consulting role. Our client has security tooling in flightincluding Snyk, SonarQube, and automated pipelinesbut they need an consultant to make it land click apply for full job details
Azure Lead Software Security Engineer with Development Background, DevSecOps, Mainly Remote Software Security Engineer Lead is required to work for a fast-growing and exciting company based in Central London. However, this will mainly be remote. Please read in full before applying We need someone with a Microsoft tech-stack background who has experience as a Azure DevSecOps Consultant or even a good old fashioned Unix / Linux Systems Administrator. We want someone with a development / some form of coding background who has blossomed into Software Security / Cloud Security engineer. We NEED for you to have strong Azure skills, NOT AWS although a blend would be acceptable. Rather than someone from a bog-standard IT Operations background, we NEED you to have come from a Development background and you MUST have a good grounding within Software Development as you will mainly working with Developers and need to be able speak their language and develop trust with them. This role was very successfully introduce into this company 2 years ago and as such they need someone to pick up the baton and continue to develop the function. You will be working with a crossfunctional teams and as such you need to have strong communication skills to be able to work various functions. There will opportunity to grow yourself and a team as the company matures. This role is a lead "hands on" role and is perfect for some who has come from a consultancy background with appropriate hands on skills. A passion a modern security approach is paramount, where you help teams build security into their daily work life and are always looking automate, streamline and shift left with compermise of quality and overall security. Read on for more details Experience Required: Demonstrable experience as a Systems Administrator or Software Developer or both! Expert Knowledge of Cloud Security Passion for DevSecOps and with knowledge of Terraform, Bicep, Sonar Clous, Wiz, and other security product like Trivy Experience with cloud computing platforms such as Microsoft Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and salary is dependent upon experience. Apply now for more details.
Sep 24, 2025
Full time
Azure Lead Software Security Engineer with Development Background, DevSecOps, Mainly Remote Software Security Engineer Lead is required to work for a fast-growing and exciting company based in Central London. However, this will mainly be remote. Please read in full before applying We need someone with a Microsoft tech-stack background who has experience as a Azure DevSecOps Consultant or even a good old fashioned Unix / Linux Systems Administrator. We want someone with a development / some form of coding background who has blossomed into Software Security / Cloud Security engineer. We NEED for you to have strong Azure skills, NOT AWS although a blend would be acceptable. Rather than someone from a bog-standard IT Operations background, we NEED you to have come from a Development background and you MUST have a good grounding within Software Development as you will mainly working with Developers and need to be able speak their language and develop trust with them. This role was very successfully introduce into this company 2 years ago and as such they need someone to pick up the baton and continue to develop the function. You will be working with a crossfunctional teams and as such you need to have strong communication skills to be able to work various functions. There will opportunity to grow yourself and a team as the company matures. This role is a lead "hands on" role and is perfect for some who has come from a consultancy background with appropriate hands on skills. A passion a modern security approach is paramount, where you help teams build security into their daily work life and are always looking automate, streamline and shift left with compermise of quality and overall security. Read on for more details Experience Required: Demonstrable experience as a Systems Administrator or Software Developer or both! Expert Knowledge of Cloud Security Passion for DevSecOps and with knowledge of Terraform, Bicep, Sonar Clous, Wiz, and other security product like Trivy Experience with cloud computing platforms such as Microsoft Azure A strong understanding of software development methodologies and practices Ability to Rapid Risk Assessment and Threat Modeling Other technical skills required: Azure Security Monitoring including Application Insights, and SIEM Excellent communication skills to guarantee stakeholder alignment and successful outcomes at all stages of Product delivery and ongoing support. This is a great opportunity and salary is dependent upon experience. Apply now for more details.
