Salary
💰 £80,000 - £120,000 per year
Tech Stack
AWS, Cloud, React, Ruby on Rails, Terraform, TypeScript
About the role
- Make our security posture airtight by designing and implementing security controls across architecture, infrastructure and code
- Shift security left: embed SAST/DAST, IaC scanning, secure coding standards and threat-modeling into the CI/CD pipeline
- Own compliance & audits: run Vanta end-to-end (SOC 2 Type II, ISO 27001, GDPR), coordinate pen tests, evidence gathering and policy reviews
- Enable revenue: partner with Sales & Customer Success to answer security questionnaires, lead RFP security sections, and join prospect calls
- Code and build: contribute production-ready TypeScript, Terraform/CDK and automation scripts; raise the security bar through secure patterns and reviews
- Drive security culture: run incident-response playbooks, tabletop exercises, and brown-bag sessions
- Set and execute the security roadmap, deliver dashboards, policies and guard-rails in production
Requirements
- Hiring at Level 3 (Senior) and Level 4 (Lead); typical candidates bring 5+ years of deep security engineering experience in high-growth, cloud-native SaaS environments
- First dedicated security specialist on the team
- Experience designing and implementing security controls across architecture, infrastructure and code (AWS Serverless, CDK/SST, React/TypeScript)
- Experience embedding SAST/DAST, IaC scanning, secure coding standards and threat-modeling into CI/CD
- Experience running Vanta and managing compliance (SOC 2 Type II, ISO 27001, GDPR)
- Experience coordinating third-party pen tests, evidence gathering and policy reviews
- Experience partnering with Sales & Customer Success on security questionnaires, RFPs, and customer audits
- Ability to contribute production-ready TypeScript, Terraform/CDK and automation scripts
- Experience with security tooling such as Vanta, Snyk, Semgrep, Wiz or Orca
- Deep knowledge of AWS IAM, networking, KMS, serverless hardening, and infrastructure-as-code review
- Bias for action, automation-first mindset, and ability to iterate quickly
- Strong coaching and communication skills to drive security culture and run incident-response playbooks
- Comfortable with ambiguity and owning the security roadmap as first hire
- Must be a full‑stack JavaScript/TypeScript developer and able to do a challenge in JavaScript/TypeScript
- Willingness to work in-person Tues-Weds-Thurs at the Victoria station office in London
- Role is permanent (non-contractor)