CrawlJobs Logo

DevSecOps Security Consultant

whitehallresources.com Logo

Whitehall Resources Ltd

Location Icon

Location:
United Kingdom

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a highly skilled and experienced Senior Cybersecurity SME / Consultant to join the Engineering Excellence and Enablement team. The successful candidate will work across global engineering platforms to benchmark, uplift, and continuously evolve cybersecurity maturity. The successful candidate will play a critical role in ensuring that build systems, runtime infrastructure, and developer tooling are secure by design, while enabling rapid and resilient software delivery across the bank. This role offers a unique opportunity to shape the cybersecurity posture of engineering platforms at one of the world’s leading financial institutions, ensuring the bank can deliver digital services securely, reliably, and at scale.

Job Responsibility:

  • Develop and maintain an Engineering-Platform Cybersecurity Maturity Framework to standardise assessments across platforms
  • Conduct comprehensive platform security reviews (build systems, CI/CD pipelines, runtime infrastructure, developer tooling) against defined framework criteria
  • Perform threat modelling and gap analysis, identifying vulnerabilities and systemic risks impacting source code, artifacts, and workloads
  • Establish standardised secure architecture and engineering patterns for build systems, CI/CD pipelines, runtime environments, and developer tooling
  • Define and enforce platform security baselines using policy-as-code and automated controls
  • Partner with platform owners to remediate critical gaps and implement scalable solutions for artifact integrity, access control, and configuration security
  • Integrate vulnerability management, SBOM, provenance, and code-signing practices within engineering workflows
  • Prioritise identified gaps based on business risk, regulatory impact, and operational criticality
  • Collaborate with platform owners and engineering leads to build actionable security roadmaps, balancing quick wins with long-term strategic improvements
  • Partner with engineering teams to design, develop, and embed security patterns and best practices into engineering platforms
  • Serve as a trusted advisor to platform owners, senior technology stakeholders, and Cybersecurity leadership, translating technical risks into business impact
  • Represent the function in key governance forums, providing updates on maturity progress, roadmap delivery, and risk posture
  • Influence and align stakeholders across federated engineering teams to ensure consistent adoption of cybersecurity best practices
  • Track and report maturity scores, ensuring measurable improvement across platforms
  • Continuously evolve the maturity framework in response to emerging threats, technology evolution, and regulatory expectations
  • Drive a culture of secure-by-design engineering through engagement, advocacy, and knowledge sharing

Requirements:

  • Proven expertise in Cybersecurity within large-scale, regulated financial institutions or similarly complex environments
  • Deep technical knowledge of engineering platforms, including CI/CD systems, build tools, artifact repositories, runtime environments, and developer tooling
  • Strong experience with DevSecOps practices, including secure pipeline design, integration of security scanning tools, and automation of security controls
  • Strong knowledge and understanding of service mesh, cryptography, network security, application security, vulnerability management, and risk management
  • Demonstrable ability to conduct threat modelling, platform security assessments, and gap analysis
  • Experience building and implementing maturity models, frameworks, or roadmaps in complex enterprise environments
  • Strong stakeholder management skills, with the ability to influence senior leadership and drive change across federated technology teams
  • Excellent communication skills, with the ability to translate technical risk into business impact

Nice to have:

  • Professional certifications such as CISSP, CISM, CCSK, CCSP, or equivalent
  • Hands-on knowledge of cloud security (AWS, Azure, GCP) and container orchestration platforms (e.g., Kubernetes)
  • Experience in international and diverse environments, with exposure to regulatory engagement
  • Familiarity with engineering excellence practices such as SLSA, supply chain security, SBOM, or secure developer tooling initiatives

Additional Information:

Job Posted:
May 03, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Whitehall Resources Ltd - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for DevSecOps Security Consultant

Technical Security Consultant

We are looking for a Technical Security Consultants to work as part of our Secur...
Location
Location
Salary
Salary:
Not provided
admiralgroup.co.uk Logo
Admiral Group Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Technical background, with knowledge of one or more of the following, Development, IT support, Data Science, networking or system administration
  • Experience of conducting risk assessments, threat models or security consulting for Generative AI systems
  • Deep knowledge and understanding of Cloud migration and Application Security development lifecycle and DevSecOps principles, automation, and familiarity with security architecture modelling
  • Knowledge and experience of securing Azure and/or Google Cloud Platforms
  • Knowledge and experience of using at least one risk methodology
  • Security Software as a Service implementations
  • Strong stakeholder management and communication skills and a proven track record of working with businesses to meet strategic objectives
  • Ability to discuss highly complex and technical problems and solutions in business language
  • Experienced in cyber security frameworks such as NIST, CIS20, MITRE Attack and STRIDE
Job Responsibility
Job Responsibility
  • Understand the Strategic Business Objectives, actively contribute to achieving them
  • Provide technical security consultancy to the change delivery functions – agile & waterfall
  • Assess security posture in CI/CD pipelines and support improvement
  • Support the Security Champions Programme and DevSecOps
  • Understand and deliver security assessments, threat modelling and security consultancy for Generative AI and Machine Learning
  • Liaise and collaborate with technical stakeholders within Agile Tribes, Projects, and Programmes
  • Assess changes for technical vulnerabilities, threat models, assess security risk exposure, and identify appropriate controls to bring the risk within tolerance
  • Engage effectively with specialists in Security Architecture, Security Operations, Security Culture, Security Delivery, and Security Risk and Governance teams to ensure completeness and consistency of the advice provided to delivery functions
  • Perform design reviews to ensure security principles and controls are included from design phase
  • Ensure advice provided is of a high standard and based on best practice, supported by Security Leadership and withing the cost and risk tolerance of the organisation
What we offer
What we offer
  • Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays)
  • You also have the option to buy or sell up to an additional five days of annual leave
  • Share package
  • Career growth and development opportunities
  • Financial & Mortgage Advice
  • 24-Hour Ecare
  • Cycle to Work Scheme
  • Annual Holiday Allowance
  • Flexible Working
  • Simply Health
  • Fulltime
Read More
Arrow Right

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
United States
Salary
Salary:
200000.00 - 215000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD)
  • and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines
Job Responsibility
Job Responsibility
  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies
What we offer
What we offer
  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in our Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more
  • Fulltime
Read More
Arrow Right

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
United States , Sunnyvale
Salary
Salary:
200000.00 - 215000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD)
  • and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines
Job Responsibility
Job Responsibility
  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies
What we offer
What we offer
  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in our Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more
  • Fulltime
Read More
Arrow Right

Senior Manager of Solution Engineering, Pre-Sales

At JFrog, we’re reinventing DevOps to help the world’s greatest companies innova...
Location
Location
United States , Atlanta
Salary
Salary:
200000.00 - 215000.00 USD / Year
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-8+ years of hands-on experience in technical pre-sales, Software Architecture design, or technical customer-facing roles, preferably in a security or B2B SaaS environment
  • 3-5+ years of technical leadership experience, including coaching and direct management of a pre-sales or solution engineering team
  • Strong technical knowledge across cloud security (AWS, Azure, GCP), DevSecOps, and Application Security domains (e.g., experience with SIEM, CSPM, CNAPP, or threat detection technologies)
  • Solid foundation in agile development, DevSecOps, continuous integration (CI) and continuous delivery (CD)
  • and cloud infrastructure
  • Demonstrated organizational and project management capabilities, with the ability to handle multiple tasks with shifting priorities and varying deadlines
Job Responsibility
Job Responsibility
  • Lead, coach, and mentor a high-performing team of solution experts, engineers, and architects, specifically focusing on elevating their technical depth and consultative selling skills
  • Define technical pre-sales strategy to meet customer’s DevOps/DevSecOps needs and goals
  • Develop and analyze metrics to analyze revenue performance and individual performance
  • Define a development and enablement plan for each team member, focusing on the DevOps and security and consultative selling domains
  • Oversee and establish best practices for all customer engagements, including Proof-of-Concept (PoC) success, technical demos, and architecture reviews
  • Team with Sales peers to drive technical wins and align technical strategies with revenue goals
  • Collaborate with Marketing, Product, and R&D teams to provide real-world feedback and influence the security product roadmap
  • Build and maintain the group's domain leadership with the latest technology trends related to DevSecOps, Cloud Security, Application Security (AppSec), and the landscape of CI/CD Technologies
What we offer
What we offer
  • Equity package of restricted stock units (RSU)
  • Eligibility to participate in Employee Stock Purchase Plan
  • Comprehensive benefits including medical, dental, vision, retirement, wellness
  • Fulltime
Read More
Arrow Right

Security Development and Test Director

The Security Development and Test Director at NTT DATA will lead security develo...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in secure software development and testing
  • 5+ years in leadership
  • Proven success in managing large-scale secure development projects
  • Excellent communication and client relationship skills
  • Experience managing crisis situations and leading diverse teams
  • Strong English writing and verbal communication skills
  • Attention to detail and ability to build high-performing teams
  • Relevant certifications (e.g., CISSP, CISM, CSSLP, CEH)
  • Valid right to work in the UK and eligibility for UK SC clearance
Job Responsibility
Job Responsibility
  • Pre-Sales Support and Business Development: Partner with sales and business development teams to define and articulate the value proposition of the security development and testing offerings
  • Represent the function in client engagements, pre-sales discussions, and technical assessments
  • Design and present tailored solutions based on customer-specific challenges and threat landscapes
  • Collaborate on statements of work (SOWs) and influence product roadmaps
  • Service Delivery Assurance: Oversee performance and quality of services delivered, ensuring SLA and KPI compliance
  • Implement governance mechanisms and standardised methodologies
  • Act as the primary escalation point for complex engagements
  • Conduct regular client reviews to identify enhancement opportunities
  • Budget and Financial Management: Develop and manage financial plans, including budgeting and profitability analysis
  • Monitor expenses and identify cost reduction opportunities
What we offer
What we offer
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
Read More
Arrow Right

Senior Director, Security Engineering

At Modus Create, we help organizations build modern platforms and products with ...
Location
Location
United States of America
Salary
Salary:
Not provided
moduscreate.com Logo
Modus Create
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years in security, software, or systems engineering roles
  • 7+ years leading senior security engineers, managers, or Directors—ideally in global, distributed, or consulting environments
  • Hands-on experience with modern security engineering across application, cloud, and platform environments, including secure SDLC, CI/CD security, infrastructure-as-code, and threat modeling
  • Proven success supporting pre-sales, solutioning, and growing security-led engagements within enterprise or mid-market accounts
  • Demonstrated ability to build scalable security practices, uplift team capabilities, and develop high-performing, inclusive security engineering teams
  • Strong empathy for client risk, constraints, and delivery realities, with the ability to translate security needs into pragmatic, measurable outcomes
  • Effective across technical, executive, and cross-functional settings, with the ability to clearly articulate risk, tradeoffs, and recommendations to diverse stakeholders
  • Technical Skills: secure-by-design systems, threat modeling, risk assessment, vulnerability management, penetration testing, incident readiness and remediation
  • Cloud & Infrastructure Security: cloud security architecture, multi-account strategy, IAM, network security, shared services, secure landing zones
  • Application Security: secure SDLC, code review practices, dependency and supply-chain security, secrets management, configuration hardening
Job Responsibility
Job Responsibility
  • Embed Security into Modern Delivery: Integrate security into development workflows, CI/CD pipelines, and infrastructure-as-code
  • Drive shift-left security practices in partnership with platform and product teams
  • Ensure security tooling and controls enable delivery velocity rather than block it
  • Promote secure-by-design patterns across cloud-native and platform environments
  • Deliver Trusted, Secure Systems: Lead threat modeling, vulnerability management, and remediation planning across engagements
  • Guide incident readiness, root cause analysis, and systemic risk reduction
  • Ensure security risks are clearly articulated, prioritized, and addressed
  • Balance short-term delivery needs with long-term security posture
  • Lead & Grow Security Teams: Lead, mentor, and develop Directors and senior security practitioners
  • Set clear expectations around ownership, quality, and professional growth
What we offer
What we offer
  • Remote work with flexible working hours
  • Modus Global Office Program: on-demand access to private offices, meeting rooms, coworking spaces and business lounges in locations in over 120 countries
  • Employee Referral Program
  • Client Referral Program
  • Travel according to client or team needs
  • The chance to work side-by-side with thought leaders in emerging tech
  • Fulltime
Read More
Arrow Right

Account Executive

As an Enterprise Account Executive, you will be responsible for driving revenue ...
Location
Location
United States
Salary
Salary:
Not provided
https://www.endorlabs.com Logo
Endor Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Business Administration, Marketing, or a related field (preferred but not mandatory)
  • 5+ years of experience as a sales executive / sales leader, preferably in a startup focusing on Cybersecurity, DevOps, or DevSecOps
  • Proven track record of owning the entire sales cycle with a focus on Enterprise customers (1,000 to 10,000+ employees)
  • Experience in consultative selling, solution selling, or a similar sales methodology
  • Familiarity with common pain points in DevSecOps & Application Security
  • Excellent communication and interpersonal skills, and ability to build rapport and trust with customers
  • Results-oriented mindset with a passion for meeting and exceeding sales targets
  • Self-motivated, proactive, and able to work independently & collaboratively within a team
  • Ability to quickly learn and articulate the value proposition of software products and solutions
Job Responsibility
Job Responsibility
  • Generate new business opportunities and drive sales growth within your territory
  • Prospect and qualify potential customers through various channels, including cold calling, email campaigns, social media, and networking events
  • Conduct needs analysis and product demonstrations to understand customer requirements and effectively present our solutions
  • Build and maintain strong relationships with key decision-makers and stakeholders, understanding their organizational structure, pain points, and business goals
  • Develop and execute sales plans to meet and exceed sales targets, while effectively managing the sales pipeline
What we offer
What we offer
  • Competitive salary and comprehensive benefits package including Health, Dental, Vision and Mental Health plans
  • Flexible PTO to maintain a healthy work-life balance
  • Opportunities for co-working and team meetups to foster collaboration
Read More
Arrow Right

Security Development and Test Manager

Join a dynamic team as a Security Development and Test Manager, leading secure s...
Location
Location
United Kingdom , Birmingham; London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in secure software development, testing, or DevSecOps environments
  • 1–3 years of experience in a team lead or managerial capacity
  • Hands-on experience with security testing tools (e.g., Veracode, SonarQube, Burp Suite, etc.)
  • Familiarity with secure coding practices, OWASP Top 10, and threat modelling
  • Experience working in Agile or DevOps-driven environments
  • Strong verbal and written communication skills
  • Relevant security or DevSecOps certifications (e.g., CSSLP, CEH, GWEB) preferred
  • Eligible for SC clearance in the UK
Job Responsibility
Job Responsibility
  • Manage the execution of secure development and testing services across projects and clients
  • Support adherence to SLAs, KPIs, and internal quality standards for security testing
  • Serve as a point of contact for technical escalations and coordinate with senior stakeholders to resolve issues
  • Support client engagements with documentation, test results, and security assessment reports
  • Work with engineering and DevOps teams to embed security tools (e.g., SAST, DAST, SCA) into CI/CD pipelines
  • Help maintain and improve automated security testing workflows
  • Support threat modelling and secure design practices at the project level
  • Participate in security reviews of new features and applications
  • Oversee the planning and execution of security tests, including static and dynamic analysis
  • Ensure appropriate tooling is used and maintained, and testing results are actioned
What we offer
What we offer
  • Tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
Read More
Arrow Right