As
Lead DevSecOps Engineer , you will join the Modernisation department at OSB Group and be part of the Cloud Centre of Excellence. You will work closely with multiple teams within OSB, such as the architecture review board, Engineering Teams, Cloud security team, and IT operations to ensure comprehensive coverage of requirements for the Cloud platform across the Group. You will lead and coach a small team of DevSec Engineers and report into the Group Head of Cloud. This is a brand new ‘hands-on’ role with a delivery focus on implementing and maintaining DevSecOps processes, tools, and security measures in Azure and multi-Cloud environments. Our team at OSB Group is a cohesive blend of diverse talents and expertise, united by a shared commitment to excellence. With a collaborative spirit and an agile mindset, we thrive in an inclusive environment where every voice is valued, and innovation is encouraged. Supported by strong leadership and a culture of continuous learning, we work together to deliver high-quality solutions that drive innovation and enable our organization to leverage the power of data and technology effectively. The role can be based from our Chatham or Wolverhampton office. About Us
The OSB Group is a FTSE 250 specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market. Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of funding is provided by sophisticated securitisation platforms. OSB’s unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia. Alongside passion for our products and customers, we're passionate about our people and want to continue building a collaborative and engaging environment. Being dedicated to Diversity, Equity and Inclusion, we encourage differences and recognise that individuals from diverse backgrounds and experiences can bring valuable insights and enhance the way we work. What you will be doing
As
Lead DevSecOps Engineer , you will combine expert-level technical skills with leadership and people management responsibilities, fostering a culture of continuous improvement in DevSecOps processes, practices, and security measures in Azure and multi-Cloud environments to deliver secure, reliable, and efficient products. Your responsibilities will include: Collaborate with the Cloud Security Architect, SecOps, and other teams to define and achieve security objectives for projects and programmes. Ensure the DevSecOps team integrates security best practices, regulations, policies, standards, and procedures into the development life cycle, managing business security risks including industry-standard controls such as CIS/NIST/GDPR/ISO/CSA CCM. Ensure application development teams integrate SAST, SCA, and DAST tools into product feature pipelines and promote secure coding practices. Lead the team to monitor/improve OSB's Cloud security posture using Cloud-native tools and guardrails. With a number of exciting opportunities in this role, you will be part of the transformation project which will create a new operating platform for the business. As the company and team grow, so should you! In return for your commitment
We offer a base salary dependent on location and experience between £80,000 - £90,000 and a competitive benefits package including: Discretionary annual bonus opportunity of up to 25%. 30 days annual leave plus bank holidays. Access to Private Medical Insurance and Medical Cash Plan. Maternity & Adoption Leave – Occupational Maternity/Adoption Pay provided at 100% of salary for the first 26 weeks. Paternity Leave – 8 weeks of paid leave to be taken within 12 months of birth or adoption. Additional benefits such as Hybrid working, Cycle Purchase scheme, Technology Purchase scheme, Season Ticket Loan, Holiday purchase/sell schemes, Employee Perk Portals, Payroll giving, and Save as you Earn scheme. Could you be the one?
We are looking for talented individuals who have the experience and knowledge set out below: Significant experience as DevSecOps or Security Engineer role, deploying and maintaining multi-Cloud foundation services (aka Landing zone) and/or container orchestrator platforms. Strong track record working within Infrastructure-as-Code route-to-live environment. Demonstrable experience with provisioning security-as-code, leveraging tools such as Terraform, Veracode, Snyk, InsightAppSec, Trivy, Checkov, SonarCloud, and adapting secure coding practices and guidelines. Knowledge and experience working with threat models (STRIDE/MITRE ATT&CK) and ability to define application controls/mitigations. We also believe that your career and how you progress is as unique as your individual personality. We continually support our people so they can become the best version of themselves. What to do next
If this sounds like you, please apply now! For internal applications, please visit the internal careers page to apply. Alternatively, if you wish to have an informal and confidential chat, please get in touch. Contact details can be found on our careers page. If shortlisted from your initial application, we operate a personalised recruitment process. Interviews are a two-way street; we aim for them to be relevant and conversational to get the best out of you! OSB Group are dedicated to diversity in the workplace and committed to treating all our employees and job applicants equally. We embrace equal opportunities and are opposed to discrimination on any grounds. As part of our public commitment to the Women in Finance Charter, we have introduced our own initiatives to attract, develop and advance senior women in our sector. We don’t stop there, though; we have broadened our approach to encourage diversity and inclusion at all levels and in all roles. Whilst we are an organisation that values face-to-face interaction to build and nourish our culture, we also acknowledge that people are not just productive in an office and tied to the 9 to 5. Flexible-working opportunities are important for establishing a healthy work-life balance, so if you see a role of interest, we are happy to be asked about flexibility and explore together if we can make it work. All applicants must have rights to work in the UK and be willing to undertake the relevant pre-employment screening checks should your application be successful.
#J-18808-Ljbffr
Lead DevSecOps Engineer , you will join the Modernisation department at OSB Group and be part of the Cloud Centre of Excellence. You will work closely with multiple teams within OSB, such as the architecture review board, Engineering Teams, Cloud security team, and IT operations to ensure comprehensive coverage of requirements for the Cloud platform across the Group. You will lead and coach a small team of DevSec Engineers and report into the Group Head of Cloud. This is a brand new ‘hands-on’ role with a delivery focus on implementing and maintaining DevSecOps processes, tools, and security measures in Azure and multi-Cloud environments. Our team at OSB Group is a cohesive blend of diverse talents and expertise, united by a shared commitment to excellence. With a collaborative spirit and an agile mindset, we thrive in an inclusive environment where every voice is valued, and innovation is encouraged. Supported by strong leadership and a culture of continuous learning, we work together to deliver high-quality solutions that drive innovation and enable our organization to leverage the power of data and technology effectively. The role can be based from our Chatham or Wolverhampton office. About Us
The OSB Group is a FTSE 250 specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market. Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of funding is provided by sophisticated securitisation platforms. OSB’s unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia. Alongside passion for our products and customers, we're passionate about our people and want to continue building a collaborative and engaging environment. Being dedicated to Diversity, Equity and Inclusion, we encourage differences and recognise that individuals from diverse backgrounds and experiences can bring valuable insights and enhance the way we work. What you will be doing
As
Lead DevSecOps Engineer , you will combine expert-level technical skills with leadership and people management responsibilities, fostering a culture of continuous improvement in DevSecOps processes, practices, and security measures in Azure and multi-Cloud environments to deliver secure, reliable, and efficient products. Your responsibilities will include: Collaborate with the Cloud Security Architect, SecOps, and other teams to define and achieve security objectives for projects and programmes. Ensure the DevSecOps team integrates security best practices, regulations, policies, standards, and procedures into the development life cycle, managing business security risks including industry-standard controls such as CIS/NIST/GDPR/ISO/CSA CCM. Ensure application development teams integrate SAST, SCA, and DAST tools into product feature pipelines and promote secure coding practices. Lead the team to monitor/improve OSB's Cloud security posture using Cloud-native tools and guardrails. With a number of exciting opportunities in this role, you will be part of the transformation project which will create a new operating platform for the business. As the company and team grow, so should you! In return for your commitment
We offer a base salary dependent on location and experience between £80,000 - £90,000 and a competitive benefits package including: Discretionary annual bonus opportunity of up to 25%. 30 days annual leave plus bank holidays. Access to Private Medical Insurance and Medical Cash Plan. Maternity & Adoption Leave – Occupational Maternity/Adoption Pay provided at 100% of salary for the first 26 weeks. Paternity Leave – 8 weeks of paid leave to be taken within 12 months of birth or adoption. Additional benefits such as Hybrid working, Cycle Purchase scheme, Technology Purchase scheme, Season Ticket Loan, Holiday purchase/sell schemes, Employee Perk Portals, Payroll giving, and Save as you Earn scheme. Could you be the one?
We are looking for talented individuals who have the experience and knowledge set out below: Significant experience as DevSecOps or Security Engineer role, deploying and maintaining multi-Cloud foundation services (aka Landing zone) and/or container orchestrator platforms. Strong track record working within Infrastructure-as-Code route-to-live environment. Demonstrable experience with provisioning security-as-code, leveraging tools such as Terraform, Veracode, Snyk, InsightAppSec, Trivy, Checkov, SonarCloud, and adapting secure coding practices and guidelines. Knowledge and experience working with threat models (STRIDE/MITRE ATT&CK) and ability to define application controls/mitigations. We also believe that your career and how you progress is as unique as your individual personality. We continually support our people so they can become the best version of themselves. What to do next
If this sounds like you, please apply now! For internal applications, please visit the internal careers page to apply. Alternatively, if you wish to have an informal and confidential chat, please get in touch. Contact details can be found on our careers page. If shortlisted from your initial application, we operate a personalised recruitment process. Interviews are a two-way street; we aim for them to be relevant and conversational to get the best out of you! OSB Group are dedicated to diversity in the workplace and committed to treating all our employees and job applicants equally. We embrace equal opportunities and are opposed to discrimination on any grounds. As part of our public commitment to the Women in Finance Charter, we have introduced our own initiatives to attract, develop and advance senior women in our sector. We don’t stop there, though; we have broadened our approach to encourage diversity and inclusion at all levels and in all roles. Whilst we are an organisation that values face-to-face interaction to build and nourish our culture, we also acknowledge that people are not just productive in an office and tied to the 9 to 5. Flexible-working opportunities are important for establishing a healthy work-life balance, so if you see a role of interest, we are happy to be asked about flexibility and explore together if we can make it work. All applicants must have rights to work in the UK and be willing to undertake the relevant pre-employment screening checks should your application be successful.
#J-18808-Ljbffr
