CrawlJobs Logo
Whitehall Resources Ltd Logo Whitehall Resources Ltd · IT - Administration

DevSecOps Security Consultant

United Kingdom · Job Posted May 03, 2026
Apply Position
Job Link Share

Job Description

We are seeking a highly skilled and experienced Senior Cybersecurity SME / Consultant to join the Engineering Excellence and Enablement team. The successful candidate will work across global engineering platforms to benchmark, uplift, and continuously evolve cybersecurity maturity. The successful candidate will play a critical role in ensuring that build systems, runtime infrastructure, and developer tooling are secure by design, while enabling rapid and resilient software delivery across the bank. This role offers a unique opportunity to shape the cybersecurity posture of engineering platforms at one of the world’s leading financial institutions, ensuring the bank can deliver digital services securely, reliably, and at scale.

Job Responsibility

  • Develop and maintain an Engineering-Platform Cybersecurity Maturity Framework to standardise assessments across platforms
  • Conduct comprehensive platform security reviews (build systems, CI/CD pipelines, runtime infrastructure, developer tooling) against defined framework criteria
  • Perform threat modelling and gap analysis, identifying vulnerabilities and systemic risks impacting source code, artifacts, and workloads
  • Establish standardised secure architecture and engineering patterns for build systems, CI/CD pipelines, runtime environments, and developer tooling
  • Define and enforce platform security baselines using policy-as-code and automated controls
  • Partner with platform owners to remediate critical gaps and implement scalable solutions for artifact integrity, access control, and configuration security
  • Integrate vulnerability management, SBOM, provenance, and code-signing practices within engineering workflows
  • Prioritise identified gaps based on business risk, regulatory impact, and operational criticality
  • Collaborate with platform owners and engineering leads to build actionable security roadmaps, balancing quick wins with long-term strategic improvements
  • Partner with engineering teams to design, develop, and embed security patterns and best practices into engineering platforms
  • Serve as a trusted advisor to platform owners, senior technology stakeholders, and Cybersecurity leadership, translating technical risks into business impact
  • Represent the function in key governance forums, providing updates on maturity progress, roadmap delivery, and risk posture
  • Influence and align stakeholders across federated engineering teams to ensure consistent adoption of cybersecurity best practices
  • Track and report maturity scores, ensuring measurable improvement across platforms
  • Continuously evolve the maturity framework in response to emerging threats, technology evolution, and regulatory expectations
  • Drive a culture of secure-by-design engineering through engagement, advocacy, and knowledge sharing

Requirements

  • Proven expertise in Cybersecurity within large-scale, regulated financial institutions or similarly complex environments
  • Deep technical knowledge of engineering platforms, including CI/CD systems, build tools, artifact repositories, runtime environments, and developer tooling
  • Strong experience with DevSecOps practices, including secure pipeline design, integration of security scanning tools, and automation of security controls
  • Strong knowledge and understanding of service mesh, cryptography, network security, application security, vulnerability management, and risk management
  • Demonstrable ability to conduct threat modelling, platform security assessments, and gap analysis
  • Experience building and implementing maturity models, frameworks, or roadmaps in complex enterprise environments
  • Strong stakeholder management skills, with the ability to influence senior leadership and drive change across federated technology teams
  • Excellent communication skills, with the ability to translate technical risk into business impact

Nice to have

  • Professional certifications such as CISSP, CISM, CCSK, CCSP, or equivalent
  • Hands-on knowledge of cloud security (AWS, Azure, GCP) and container orchestration platforms (e.g., Kubernetes)
  • Experience in international and diverse environments, with exposure to regulatory engagement
  • Familiarity with engineering excellence practices such as SLSA, supply chain security, SBOM, or secure developer tooling initiatives
Whitehall Resources Ltd - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

DevSecOps Security Consultant

8 matching positions

New

Senior Security Consultant (DevSecOps)

The primary responsibility of the Security Services Consultant - DevSecOps is to...
Location
Location
France , Paris
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science or similar field
  • Two or more years of experience in a technical / implementation role deploying enterprise software
  • Two or more years of experience in a developer role
  • Demonstrable knowledge of Information Security and Network Architecture concepts
  • Familiarity with software lifecycle and orchestration tooling
  • Demonstrated ability to assume sole and independent responsibilities
  • Ability to keep track of numerous detail-intensive, independent tasks and ensure accurate completion
  • Ability to train technical users
  • Ability to conduct technical presentations
  • Experience with UNIX operating systems
Job Responsibility
Job Responsibility
  • Lead on-site and remote implementations and onboarding engagements with customers
  • Assist customers with developing, managing, and executing project plans and timelines
  • Assist customers with integration patterns with developer pipeline and orchestration tooling
  • Help maintain customer relationships and identify opportunities for growth
  • Collaborate in the ongoing development of training materials and curricula
  • Collaborate and mentor the team on consulting and development activities
  • Support the Security Services - DevSecOps team by assisting with technical escalations support duties
  • Collaborate with other CyberArk departments to ensure coordination and completion of all additional implementation-related tasks
  • Fulltime
Read More
Arrow Right
New

Senior Security Consultant (DevSecOps)

Location
Location
France , Paris
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science or similar field
  • Two or more years of experience in a technical / implementation role deploying enterprise software
  • Two or more years of experience in a developer role
  • Demonstrable knowledge of Information Security and Network Architecture concepts
  • Familiarity with software lifecycle and orchestration tooling
  • Demonstrated ability to assume sole and independent responsibilities
  • Ability to keep track of numerous detail-intensive, independent tasks and ensure accurate completion
  • Ability to train technical users
  • Ability to conduct technical presentations
  • Experience with UNIX operating systems
Job Responsibility
Job Responsibility
  • Lead on-site and remote implementations and onboarding engagements with customers
  • Assist customers with developing, managing, and executing project plans and timelines
  • Assist customers with integration patterns with developer pipeline and orchestration tooling
  • Help maintain customer relationships and identify opportunities for growth
  • Collaborate in the ongoing development of training materials and curricula
  • Collaborate and mentor the team on consulting and development activities
  • Support the Security Services - DevSecOps team by assisting with technical escalations support duties
  • Collaborate with other CyberArk departments to ensure coordination and completion of all additional implementation-related tasks
  • Up to 30% travel
  • Fulltime
Read More
Arrow Right
New

Security Consultant

Join Barclays as a Security Consultant - At Barclays, we are shaping the future ...
Location
Location
United Kingdom , Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Conduct AI security architecture and solution design reviews to ensure secure-by-design implementation
  • Demonstrate strong knowledge of Gen AI, LLM, and agentic AI threats (e.g., prompt injection, model misuse, data leakage)
  • Apply deep expertise in cloud, SaaS, and data protection security across modern platforms
Job Responsibility
Job Responsibility
  • Execution of security risk assessments and building threat models during the change & development lifecycle
  • Enablement of DevSecOps (and shift left), by providing engagement channels for customers and stakeholders
  • Support and guidance to CISO, CIO and Product Team functions providing security reviews for prospective 3rd party technology products and services
  • Transfer of residual risks to the business/customer
  • Collaboration with stakeholder and IT teams to support incident response and investigations
  • Participation in the development and maintenance of security policies, standards and procedures
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Lead Security Consultant

Join us at Barclays as a Lead Security Consultant. At Barclays, we are committed...
Location
Location
United Kingdom , Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Secure by Design – Strong understanding of embedding security principles into solution architecture and system development lifecycles, ensuring security controls are proactively integrated rather than retrofitted
  • Threat Modelling – Experience identifying potential threats, attack vectors, and security weaknesses across applications, infrastructure, and data platforms, with the ability to recommend effective mitigations
  • Security Assessment Scoping – Ability to define and scope security assessments, penetration testing engagements, and risk reviews to ensure appropriate coverage and alignment with business and regulatory requirements
Job Responsibility
Job Responsibility
  • Execution of security risk assessments and building threat models during the change & development lifecycle in order to identify vulnerabilities within the banks IT systems, applications and infrastructure, ensuring that compensating security controls and countermeasures are embedded in order to enhance security posture and resilience against cyber threats provision of timely communication of key findings and recommendations to stakeholders
  • Enablement of DevSecOps (and shift left), by providing engagement channels for customers and stakeholders who wish to engage early seeking security advice and input into their business plans and opportunities, or technology change designs, influencing key stakeholders in COO and CSO to create security strategies to enable business and technology evolution
  • Support and guidance to CISO, CIO and Product Team functions providing security reviews for prospective 3rd party technology products and services
  • Transfer of residual risks to the business/customer as required by the bank’s enterprise risk management framework
  • Collaboration with stakeholder and IT teams to support incident response and investigations using their knowledge of the banks technology systems sharing security insights
  • Participation in the development and maintenance of security policies, standards and procedures aligned to the banks risk tolerance, regulatory requirements and industry best practice
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Technical Security Consultant

We are looking for a Technical Security Consultants to work as part of our Secur...
Location
Location
Salary
Salary:
Not provided
admiralgroup.co.uk Logo
Admiral Group Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Technical background, with knowledge of one or more of the following, Development, IT support, Data Science, networking or system administration
  • Experience of conducting risk assessments, threat models or security consulting for Generative AI systems
  • Deep knowledge and understanding of Cloud migration and Application Security development lifecycle and DevSecOps principles, automation, and familiarity with security architecture modelling
  • Knowledge and experience of securing Azure and/or Google Cloud Platforms
  • Knowledge and experience of using at least one risk methodology
  • Security Software as a Service implementations
  • Strong stakeholder management and communication skills and a proven track record of working with businesses to meet strategic objectives
  • Ability to discuss highly complex and technical problems and solutions in business language
  • Experienced in cyber security frameworks such as NIST, CIS20, MITRE Attack and STRIDE
Job Responsibility
Job Responsibility
  • Understand the Strategic Business Objectives, actively contribute to achieving them
  • Provide technical security consultancy to the change delivery functions – agile & waterfall
  • Assess security posture in CI/CD pipelines and support improvement
  • Support the Security Champions Programme and DevSecOps
  • Understand and deliver security assessments, threat modelling and security consultancy for Generative AI and Machine Learning
  • Liaise and collaborate with technical stakeholders within Agile Tribes, Projects, and Programmes
  • Assess changes for technical vulnerabilities, threat models, assess security risk exposure, and identify appropriate controls to bring the risk within tolerance
  • Engage effectively with specialists in Security Architecture, Security Operations, Security Culture, Security Delivery, and Security Risk and Governance teams to ensure completeness and consistency of the advice provided to delivery functions
  • Perform design reviews to ensure security principles and controls are included from design phase
  • Ensure advice provided is of a high standard and based on best practice, supported by Security Leadership and withing the cost and risk tolerance of the organisation
What we offer
What we offer
  • Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays)
  • You also have the option to buy or sell up to an additional five days of annual leave
  • Share package
  • Career growth and development opportunities
  • Financial & Mortgage Advice
  • 24-Hour Ecare
  • Cycle to Work Scheme
  • Annual Holiday Allowance
  • Flexible Working
  • Simply Health
  • Fulltime
Read More
Arrow Right

Cyber Security Consultant

Strengthen cyber risk management system, in a context of evolving threats, incre...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10 to 15 years experience
  • Risk analysis methodologies (ISO 27005, NIST RMF, optional EBIOS RM)
  • In-depth knowledge of network, application and cloud architecture
  • Security best practices (OWASP, CIS Benchmarks, NIST SP 80053)
  • Understanding of IAM/PAM, DevSecOps, API security
  • CRISC / CISSP certified
  • ISO 27005 / CISM
  • Ability to analyze and formalize
  • Autonomy, strength of proposal
  • Pedagogy and effective communication
Job Responsibility
Job Responsibility
  • Strengthen cyber risk management system
  • Cyber Risk Analysis
  • identification and assessment of vulnerabilities
  • definition of remediation plans
  • support for project and operational teams in risk management
  • Carrying out risk analyses on applications, infrastructures, flows, IT projects and exposed devices
  • Assessment of threat scenarios, business impacts, and probability of occurrence
  • Analysis of deviations from internal standards and recommendations
  • Review of the risks related to service providers, SaaS/IaaS/PaaS providers
  • Evaluation of the security measures taken, risk scoring, definition of action plans
Read More
Arrow Right

Technical Architect

Lead the design, modernization, and implementation of scalable, secure, and resi...
Location
Location
United States , Armonk
Salary
Salary:
247319.00 - 250000.00 USD / Year
nytimes.com Logo
The New York Times
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent in Computer Science, Information Technology, Engineering or related and five (5) years of experience as a Consultant Architect, Virtualization Architect, Senior Cloud Architect or related
  • Five (5) years of experience must include utilizing Hybrid Cloud, AWS, Azure, Red Hat Linux, Terraform, Ansible, Python, VMware Cloud Foundation (VCF) Stack
Job Responsibility
Job Responsibility
  • Lead the design, modernization, and implementation of scalable, secure, and resilient hybrid cloud and containerized infrastructure platforms
  • Define and lead the technical architecture strategy for hybrid cloud, container orchestration (Kubernetes, RedHat OpenShift, VMware Tanzu), and virtualized environments (VMware, Nutanix, RedHat)
  • Architect secure and scalable infrastructure across private, public, and hybrid cloud ecosystems
  • Evaluate, design, and implement solutions for computing, storage, networking, identity, and availability zones across global regions
  • Design and implement Kubernetes, RedHat OpenShift clusters across multi-cloud and on-prem environments, including CI/CD integration, policy enforcement, and workload orchestration
  • Define governance, observability, and security patterns for containerized workloads
  • Lead Infrastructure-as-Code (IaC) initiatives using Terraform, Ansible, GitOps, GitHub, PowerShell, and Python
  • Enable self-service infrastructure capabilities through automation frameworks and developer platforms
  • Partner with DevSecOps, SRE, Infrastructure Operations, Security, and Datacenter Operation teams to scope, define, size, and execute application onboarding, modernization, and consolidation initiatives
  • Mentor engineering teams and influence enterprise architecture (EA) roadmaps
  • Fulltime
Read More
Arrow Right
New

Senior Software Engineer - Java Full stack

Wells Fargo is seeking a Senior Software Engineer.
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
June 22, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Software Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 5+ years of hands-on software engineering experience with Java (preferably Java 17+), Spring Boot, and RESTful service development
  • Deep understanding of object-oriented programming, design patterns, and secure coding practices
  • Experience with microservices, integration patterns, and Oracle JDBC (UCP)
  • Proficiency with Gradle, Git, and Agile delivery methodologies
  • Practical knowledge of Generative AI, LLM-driven workflows, and prompt design
Job Responsibility
Job Responsibility
  • Lead moderately complex initiatives and deliverables within technical domain environments
  • Contribute to large scale planning of strategies
  • Design, code, test, debug, and document for projects and programs associated with technology domain, including upgrades and deployments
  • Review moderately complex technical challenges that require an in-depth evaluation of technologies and procedures
  • Resolve moderately complex issues and lead a team to meet existing client needs or potential new clients needs while leveraging solid understanding of the function, policies, procedures, or compliance requirements
  • Collaborate and consult with peers, colleagues, and mid-level managers to resolve technical challenges and achieve goals
  • Lead projects and act as an escalation point, provide guidance and direction to less experienced staff
  • Design, develop, and maintain Java 17+ Spring Boot microservices following Clean Architecture and Domain-Driven Design (DDD) principles
  • Implement and optimize RESTful APIs, ensuring compliance with enterprise SDLC, security, and data governance standards
  • Collaborate with product owners, architects, and risk partners to translate mortgage business requirements into secure, scalable technical solutions
  • Fulltime
!
Read More
Arrow Right