We''re looking for a hands-on DevSecOps Engineer to take ownership of application and cloud security across a modern, Azure-first product environment. This is a product-focused security role, sitting at the intersection of development, DevOps and security, helping teams understand why vulnerabilities exist and how to fix them properly. The foundations are already strong, with regular external penetration testing, positive audit outcomes, and mature security tooling are in place. Your role is to raise the bar further, embedding security deeper into how products are built, configured and deployed. You''ll be the subject matter owner for DevSecOps, working closely with developers, DevOps and product teams to improve security posture through insight, automation and education. The role: Act as the DevSecOps lead, owning application and cloud security practices across the business Analyse outputs from SAST and DAST tools (e.g. Snyk, BrightSec), understanding vulnerabilities at a low level and advising development teams on remediation Work closely with DevOps to ensure secure configuration and deployment within Azure (including Azure Front Door, WAF, Defender for Cloud, Sentinel) Support and interpret results from ITHC (UK Government-standard) penetration tests, ensuring findings are understood and remediated across product and platform teams Embed security controls and testing into CI/CD pipelines, improving automation and consistency Help educate and uplift DevOps and ..... full job details .....