Senior DevSecOps Engineer

teya
London

Hello. We’re Teya.

Teya was founded on a simple belief: local businesses deserve better.

They are the cafés, restaurants, salons, shops and entrepreneurs that bring character to our high streets, create jobs and keep communities moving. Yet for too long, financial services has made life harder for them - with clunky tools, poor support and complexity that gets in the way of running a business.

Teya exists to change that.

We’re building a financial platform for local businesses across Europe - one built around simple tools, thoughtful design and real human support. Our Members rely on us to help them run their business with confidence, and that responsibility shapes the way we work.

We move fast. We care about quality. We stay close to the detail. And we believe great performance and genuine hospitality should go hand in hand.

If you want to build meaningful products, solve real problems and make a genuine difference for local businesses, we’d love to hear from you

Your Mission

As a Senior DevSecOps Engineer (Security Tooling & Enablement), you will be responsible for embedding automated security controls and guardrails into our CI/CD pipelines, cloud platforms, and developer workflows. You’ll build and operate internal security tooling and integrations that enable secure delivery at scale—focusing on automation, low-friction developer experience, and high-quality security feedback loops. You will partner closely with platform, cloud, AppSec, and SecOps teams to deliver scalable, reliable, and friction-reducing security capabilities across the engineering organisation.

Responsibilities

Security in CI/CD & Delivery Workflows

  • Integrate and maintain security checks (SAST, DAST, SCA, secrets scanning) into CI/CD pipelines.

  • Provide fast, actionable, low-noise feedback to developers.

  • Embed infrastructure and application scanning into automated deployments.

Security Tooling & Platform Engineering

  • Design, build, and operate internal security services, APIs, CLIs, and automation workflows.

  • Apply strong software engineering practices to security tooling (testing, observability, version control).

  • Treat security tooling as a product with clear documentation and support.

Policy-as-Code & Guardrails

  • Implement and maintain policy-as-code guardrails for IaC, Kubernetes manifests, cloud accounts and identity configurations.

  • Work with platform teams to define secure defaults and self-service patterns.

Platform Security & Detection Pipelines

  • Support vulnerability scanning platforms and security telemetry pipelines.

  • Ensure high-quality structured security data flows to SIEM/log platforms.

  • Enable automated response actions via integrations and runbooks.

DevSecOps Culture & Enablement

  • Champion secure engineering practices and a shared responsibility mindset.

  • Drive enablement activities (office hours, guides, training) to improve adoption of secure patterns.

  • Contribute to blameless post-incident reviews and continuous improvement.

Automation, AI & Operational Metrics

  • Leverage automation and AI to reduce manual toil and enrich security findings.

  • Define and track metrics such as time-to-feedback, signal-to-noise, and tooling adoption.

Requirements

  • 5+ years in security engineering, DevSecOps, or platform engineering with significant security integration experience.

  • Hands-on experience embedding security into CI/CD (SAST/DAST/SCA, container scanning, secrets detection).

  • Proficiency with CI/CD platforms (e.g., GitHub Actions, GitLab CI, Jenkins) and IaC (e.g., Terraform).

  • Strong software engineering and automation skills (Python, Go, Bash, or similar).

  • Deep cloud-native experience (AWS preferred), including IAM, networking, and logging.

  • Experience designing and implementing policy-as-code and security guardrails.

  • Ability to collaborate cross-functionally, balancing security with delivery velocity.

Nice-to-Haves

  • Experience in fintech or regulated environments.

  • Familiarity with WAF/DDoS tools, Zero Trust, and vulnerability management programmes.

  • Exposure to SOAR or security automation platforms.

  • Relevant certifications (AWS Security, Kubernetes Security, GIAC, CISSP, etc.).

Ways of working

  • Extreme ownership: You take end-to-end responsibility for outcomes, not just findings or tooling output

  • Pragmatic and delivery-aware: You balance risk reduction with product velocity, focusing on changes that materially reduce risk

  • Low-ego and collaborative: You build trust with engineers, product, and operations teams, influencing through credibility and partnership

  • Impact-driven: You measure success through outcomes—risk reduction, adoption, and time-to-remediate—not activity

  • Data-informed: You use metrics and trends to guide priorities and demonstrate impact

  • High bar for craft: You produce clear documentation, reusable patterns, and automation that scale across teams

  • AI-first mindset: You actively look for opportunities to use automation and AI to improve security outcomes

The Perks

  • We trust you, so we offer flexible working hours, as long it suits both you and your team;

  • Health Insurance;

  • Physical and mental health support through our partnership with MyFitness;

  • 25 days of Annual leave (+ Bank Holidays);

  • Possibility to visit other Teya offices to meet colleagues in instances when travel is safe and appropriate;

  • Friday lunch in the office;

  • Friendly, comfortable and high-end work equipment and informal office environment;

  • Hybrid work mode policy.

Teya is proud to be an equal opportunity employer.

We are committed to creating an inclusive environment where everyone regardless of race, ethnicity, gender identity or expression, sexual orientation, age, disability, religion, or background can thrive and do their best work. We believe that a diverse team leads to better ideas, stronger outcomes, and a more supportive workplace for all.

If you require any reasonable adjustments at any stage of the recruitment process whether for interviews, assessments, or other parts of the application—we encourage you to let us know. We are committed to ensuring that every candidate has a fair and accessible experience with us.

Posted 2026-07-18

Recommended Jobs

Senior Data Scientist - Relay Network

relay
London

Relay is fundamentally reshaping how goods move in an online era. Backed by Europe’s largest-ever logistics Series A ($35M), led by deep-tech investors Plural (whose portfolio spans fusion energy an…

View Details
Posted 2026-07-12

Pharmacy Technician

Welbeck
London

About the department The Welbeck Central Pharmacy is a specialist clinical pharmacy service supporting a high-performing private day-case centre in London. The department works across a range of s…

View Details
Posted 2026-07-04

KS2 Teacher - Woolwich

Marchant Recruitment
London

We are seeking an enthusiastic, dedicated, and experienced KS2 Teacher to join a friendly and inclusive primary school in Woolwich, starting ASAP. This is a fantastic opportunity for a teacher who is…

View Details
Posted 2026-02-10

KS1 Teacher - Battersea

Marchant Recruitment
London

An engaging Battersea primary is recruiting a Part-Time KS1 Teacher to join its KS1 phase from January 2026. This KS1 Teacher role is ideal for someone seeking high-impact teaching hours, great suppo…

View Details
Posted 2025-11-04

Lean Process Expert - Client Onboarding (2-Month Contract)

May Business Consulting
London

Hello! At MBC, we continue to grow and are currently looking for a Lean Process Expert to join an exciting short-term project. About MBC May Business Consulting is an international consulti…

View Details
Posted 2026-06-10

Senior Product Designer

incard
London

About Incard Incard’s mission is to build the financial operating system for entrepreneurs. We are focused on creating a system where business banking, financial tools, and application logic ar…

View Details
Posted 2026-07-12

Site Manager | Outstanding Primary School | Bromley

Marchant Recruitment
Bromley, Greater London

Position: Site Manager Location: Bromley Contract: Full-Time Start Date: September Site Manager Role in an Outstanding Primary School An Outstanding Primary School in Bromley is se…

View Details
Posted 2026-07-01