Senior Devops Engineer

BigHand offers technology solutions for busy legal professionals that provide data and insights to increase value and profits. Through technology, insight and experience, we deliver success for our clients future. We enable our clients to give their customers a better experience while empowering their people to be their best.

We make big happen for our customers.

We are a business driven by our values and have these at the centre of everything we do. Our BigHanders are dedicated to building a culture where we win together, we learn, we give back, we believe in each other and we find the fun. We are proud to have ranked in Great Places to Work top 50 “UK’s Best Workplaces” list for 6 years.

About the role

Are you an Azure DevOps Engineer with a passion or interest in getting more experience in Azure Security?
BigHand is on a journey of Cloud Native transition. Our companywide ambition is to modernise our applications and infrastructure to better deliver secure BigHand SaaS products to be available where, when and on whatever device the customer desires. BigHand is a champion of Cloud Security and is now taking the next step to mature its DevSecOps practices. This strategy is driven by the need for fast delivery of new features and secure and cost-effective use of Azure services.
We are looking for an expert Azure DevOps Engineer with experience in AKS Containerisation, Terraform, Windows Server and PowerShell to join as a Senior DevSecOps Engineer. We can offer full training in Security best practice.

What you’ll do:

• As a DevSecOps Engineer, you will be working with a team of great engineers, delivery managers and architects on several topics i.e., Security Testing, Security (Test) Automation, Risk Analysis, Threat modelling, Security Research, and many others.
• You will help reduce the risk for the organisation by helping DevOps, Platform Engineering, Platform Operations, Architecture and Software Engineering teams to deliver secure products and cloud platforms and support companywide security initiatives including information security standards such as ISO27001 and SOC 2.
• You will help to create new strategic plans to be more efficient and work together with BigHand security and compliance departments.
• You will also coach your team members and improve their security knowledge
• You will contribute to the security research and bring new knowledge inside the company. You will act as a bridge from Security to other functions.
• Actively promoting DevSecOps ways of working and best practices within the teams and company at large.
• Support the delivery of the Platform Security roadmap.
• Love open communication, translating security objectives to tech teams.
• Managing several security related items: Security requirements, Threat Modelling, Design Reviews, Secure Code Review, Penetration Tests, Security Trainings, Automated Test Security, Security Monitoring, Kubernetes Security.
• Work with DevOps/Platform Engineers, Software Developers, Architecture to plan, design, implement and deploy secure product and platforms according to the needs of the business.
• Working with other DevOps/Platform Engineers in providing templates and knowledge that facilitates smooth automation process through out a project lifecycle with security embedded in all phases.
• Continuously drive improvements in processes, tooling, and security architecture of the underlying infrastructure and capabilities.
• Work on everything from transitioning on-prem services into Azure cloud (PaaS and IaaS services), helping move to and maintain orchestrated container-based service architecture (Azure Kubernetes and Docker).
• Improve and secure modules in our Terraform & PowerShell module library.
• Create and maintain an enterprise grade security monitoring and alerting solutions of applications, networks, data and infrastructure services. Assist in the creation of reports/dashboards for usage and up-time.
• Manage and monitor security health of platforms to ensure that issues and risk are quickly identified and resolved.
• Collaborate with the IT operations and development teams to plan and execute system changes e.g., security and audit controls as required by the business or compliance requirements.
• Automate build and release manual activities using DevSecOps best practices.
• Create security guides and documentation for the development team to securely operate and maintain products.
• Participate in incident management.
• Prioritise incidents to help deliver within SLAs. Carry out strong diagnosis to discover root cause and resolutions.
• Provide out of hours support on a rota basis throughout the year.

What we’re looking for:

• Excellent working knowledge with Secure Software Development Lifecycle (SSDLC) in an Azure world.
• Hands-on working knowledge of Infrastructure as Code using Terraform and programming and/or scripting language such as PowerShell, Bash, SQL, KQL.
• Hands-on knowledge on the usage of CI/CD processes including the integration of security & code quality tools.
• Hands-on working experience with Microsoft Azure Cloud services (IaaS, PaaS and SaaS), Security, Networking and Azure DevOps Pipelines.
• Good understanding of engineering and automation of container orchestration with Kubernetes and Docker.
• Hands-on knowledge in setup, maintaining and supporting Kubernetes
• Good working knowledge in building solutions on and developing integrations using Azure services.
• Experienced in working in complex environments including on-prem and cloud.
• Analytic skills and ability to solve highly complex problems.

• Experience with OWASP testing Guide / Open-Source Security Testing Methodology.
• Experience implementing controls for ISO27001 and SOC 2.
• Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificates.
• Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration combined with good experience of cloud security, SAST, DAST, IAST or RASP.
• Excellent understanding of information security principles, cloud security and best practices.
• Hands-on working experience implementing SIEM & SOAR Tools.
• Hands-on experience implementing WAF solutions.
• Hands-on working experience in privileged access management, vulnerability management, secure remote access, secrets management and access control.
• Hands-on experience in designing, implementing, testing, and securing APIs.
• Hands-on experience implementing security controls across data, infrastructure, and applications primarily in Azure.
• Excellent working knowledge implementing security controls across all infrastructure, platforms, and applications.
• Excellent working knowledge of security scanning tools (Static Code Analysis, Dynamics Security Testing, Opensource and Container Scanning tools).
• Hands-on knowledge in security logging, monitoring, and alerting tools.
• Hands-on experience of implementing BCP and Disaster Recovery solutions for services deployed on-prem or Azure Cloud.

What we offer

• 25 days holiday (exc. bank holidays) + 3 BigHand days off between Christmas & New Year
• Various wellbeing benefits including private medical, vision, Employee Assistance Program (EAP) and Employee Resource Groups (ERG)
• Company-wide Wellness day, for our teams all across the globe to switch off and spend the day doing something to nourish their mental health
• Opportunities to give back with company volunteer events and individual volunteer days
• Career growth opportunities and study leave allowance
• Family benefits including enhanced parental leave, secondary caregiver leave and fertility support
• Financial benefits including pension scheme, life assurance, and salary sacrificing
• Cycle to Work Scheme and Tech Scheme
• Growing business with a global presence, flexible working, modern offices, and remote work options

Our DEI Commitment

We welcome the unique value and individuality that you can bring to BigHand. We are an equal opportunity employer and are dedicated to recruiting solely based on capability and potential regardless of race, gender, sexual orientation, gender identity or expression, age, educational background, national origin, religion, military status or physical ability. Our BigHanders are dedicated to advancing our culture of belonging by embracing differing viewpoints, opinions, thoughts, and ideas.