At the award-winning company to work for, AXA UK, we have an exciting new full-time permanent opportunity for a DevSecOps Lead within our AXA Health business. This is a remote/home working allowed position with occasional travel to one of our AXA offices (throughout the UK) required and can be performed flexibly to accommodate work-life balance.
As DevSecOps Lead, you’ll ensure the appropriate implementation and operation of an automated (security) risk-based CI/CD environment for the delivery of the Health Change portfolio. You’ll work on the security aspects of project delivery across AXA Health in an agile manner and the building of processes to ensure security controls delivered in projects remain in place into BAU. Working with multiple stakeholders, you’ll need to understand various needs and be able to communicate and influence accordingly ensuring security requirements in the Software Development Life Cycle (SDLC) are recognised and appropriate actions are taken. There will be plenty of opportunity to grow within the role both technically and from a stakeholder perspective.
- Design and implement mechanisms that efficiently identify and mitigate security risks within the existing DevOps workstreams
- Define and set secure development, test, release, update, and support processes for DevOps operation. Collaborate with engineers to build a continuous delivery environment that will support the technical needs of our roadmap
- Create, iterate, and optimise internal tooling to allow the team to move faster and remain agile
- Support the development of security operations for BAU monitoring, testing, auditing, and regulatory compliance
- Identify security threats by conducting continual monitoring, penetration testing, vulnerability assessments, and audit log analysis
- Deploy and administer security monitoring tools for the BAU SecOps team, and perform frequent risk assessments
- Instil and foster uptake of DevSecOps practices through meaningful engagement with the AXA Health Engineering and BAU Security teams
- Keep updated with the latest application security developments and security trends to continually improve internal processes and update stakeholders
We’re inviting applications from those with similar role experience from any industry. As there are no direct reports for the role, team management experience isn’t required. Degree level or equivalent education is preferred, as is a relevant professional qualification e.g. CCSP, CSSLP, Microsoft/AWS DevOps/Security Engineer. The following role-specific skills/experience are desired:
- Experience in securing Infrastructure as a Service IaaS
- Experience working in an Azure DevOps or similar CI/CD environment
- Experience in programming or scripting languages, e.g. Net framework, Python, Perl, and Java
- Experience of securing code promotion and change management processes and tools
- Significant experience implementing and operating automated security tools (SCA, DAST, SAST, etc.)
- Significant experience in managing and patching vulnerabilities across a host of assets
- Awareness of Agile principles and critical concepts in DevOps
- Deep knowledge with a security focus of networking, infrastructure and applications from a DevOps perspective
With a presence in over 60 countries, and 165,000 employees serving the needs of 107 million customers, AXA is big.
But never too big to care for every single person who works here. So when you join us, we promise to put our collective might behind you and your career.
You’ll work in an open and supportive environment where you’ll be developed, challenged and encouraged to move around to achieve even bigger and better things – nationally and internationally. You’ll learn directly from senior leaders, from the best in our business. And you’ll enjoy real responsibility, really early on.
Every large company today talks about supporting diversity and inclusion. But at AXA UK, these values form an integral part of everything we do. For us, it’s about bringing together the best talent, helping people to realise their full potential by being 100% themselves at work and delivering outstanding service to everyone – regardless of difference.
AXA Health is the UK healthcare specialist for the AXA Group.
Whatever our customers’ health goals, we help them get there. That could be getting someone physio for an injury that’s holding them back, or finding them the right specialist to take their treatment forward.
Our team are experts in their fields: from experienced cancer nurses to pioneering data analysts; from our highly respected customer service team to our wide-ranging in-house team of clinicians. We all work together to be the best we can be.
The DevSecOps Lead role offers a fantastic salary and benefits package that AXA UK are renowned for.
- Attractive salary of £75K-£85K DOE
- Annual performance related bonus
- Generous contribution-based pension scheme (company pays up to 12%)
- Life assurance (10 x base salary pay-out)
- 28 days annual leave plus bank holidays and option to buy/sell days
- Private Medical Insurance
- Special leave for emergencies, bereavements, family planning
- 3 Days Volunteering/Charity Days
- Free live online fitness classes (Yoga, HIIT, Thai Chi and more)
- Up to 50% off PureGym membership
- 24/7 mental wellbeing support (through Thrive app)
- Dedicated financial support (through AXA-paid Nudge)
- Free LinkedIn Learning access
- Discounted shopping vouchers scheme
We’re proud to announce we’ve just been awarded 24th Best Place to Work by Glassdoor, reflecting how much our employees love working for us. To be considered, attach your CV or associated job profile (no cover letter necessary) and apply now.
Closing Date: 11th March 2021
At AXA, we’re proud to be committed to equal opportunities and welcome applications from all backgrounds.