DevSecOps Developer

Requirements

Must have:

- We want strong hands-on software security knowledge and the ability to investigate and respond to application-level security vulnerabilities and incidents.

• We want a strong understanding of modern software engineering practices, secure development principles, and common application security risks.
• We want experience developing and supporting cloud-native applications using Python, JavaScript, and/or PHP within AWS-based environments.
• We want familiarity with designing and integrating RESTful APIs, backend services, and event-driven architectures.
• We want experience integrating security, testing, and automation controls into CI/CD pipelines and software delivery workflows.
• We want hands-on experience with infrastructure as code and cloud automation to provision and manage scalable AWS environments.
• We want experience working with containerised applications and modern platform technologies in distributed systems.
• We want understanding of secure authentication, access control, secrets management, and security best practices in cloud environments.
• We want experience implementing monitoring, logging, alerting, and observability practices for operational resilience and troubleshooting.
• We want the ability to investigate, triage, and help remediate application and platform security issues in collaboration with engineering teams.
• We want strong problem-solving, collaboration, and communication skills, with the ability to work effectively across engineering, platform, and security teams in fast-paced environments.
• We require the appropriate right to work in the UK.
• We do not offer sponsorship for this position.

Responsibilities:

- We work closely with software engineering, platform, and DevOps teams to embed security into the end-to-end software delivery lifecycle across AWS-based environments.

• We support and guide the secure development of cloud-native applications, APIs, and backend services using technologies such as Python, JavaScript, and PHP.
• We provide practical guidance on secure application design, authentication, access control, secrets management, and resilient cloud architectures.
• We integrate security, testing, and automation controls into CI/CD pipelines and development workflows while maintaining a strong developer experience.
• We contribute to the development and maintenance of infrastructure as code, cloud automation, and scalable platform capabilities within AWS environments.
• We drive the adoption of engineering guardrails, reusable security patterns, and automation that enable teams to deliver securely and efficiently at scale.
• We support the identification, investigation, triage, and remediation of application and platform vulnerabilities in collaboration with engineering teams.
• We contribute to security incident response activities, including root cause analysis, remediation support, and continuous improvement initiatives.
• We work with platform and engineering teams to improve monitoring, logging, alerting, and observability practices across distributed systems.
• We promote a positive engineering and security culture through coaching, collaboration, knowledge sharing, and day-to-day engagement with development teams.

Company:

We are Sky, a leading media and entertainment company connecting millions with entertainment, sports, news, and arts through innovative products and services. Our AppSec Tooling team enables secure software development across the organisation by building and operating platforms for penetration testing, threat modelling, security reporting, and vulnerability remediation. This is an exciting opportunity to help scale our UK-based capability so security is embedded by default across our engineering estate.

We offer a hybrid working model with 2 days in the office per week, based at our Osterley campus, which is a 10-minute walk from Syon Lane station and also served by free shuttle buses. Our campus includes subsidised restaurants, cafes, a Waitrose, a gym, cinema, car wash, and beauty salon. We also offer a range of perks including a free Sky TV or NOW package, pension with up to 9% employer contribution, private healthcare with mental health support, Aviva Digital GP and dental insurance, product discounts, Sharesave and Tech schemes, and Sky VIP rewards and experiences.

We are an equal opportunity employer, value diversity, and welcome applications from all candidates.