Lead Security Engineer, DevSecOps, VP
natwestgroup
Job Description
- Implement secure-by-design patterns using automated, policy-driven controls integrated into CI/CD pipelines across Azure
- Own vulnerability management and penetration testing activities, ensuring remediation is risk-based and aligned with PCI DSS where applicable
- Lead Azure security operations, including threat detection, alert triage, investigation, and incident response using SIEM/SOAR and automation to reduce MTTD/MTTR
- Define and maintain security policies, standards, and threat modelling practices while driving continuous improvement across security tooling and processes
The skills you'll need
We’re looking for an experienced Azure cloud security and SecOps professional with hands-on ownership of security design, detection, and incident response in modern DevSecOps environments. What’s more, you’re able to communicate technical concepts in a simple way for non-technical people .
Additionally, you’ll demonstrate:
- Proven experience of at least 15 years in cloud security engineering and leadership within a DevSecOps environment, including a minimum of 5 years in a people‑management role
- Azure experience, including hands-on ownership of security engineering and operations using Microsoft Defender for Cloud, Microsoft Sentinel (SIEM/SOAR), Azure Policy, and continuous compliance monitoring such as PCI DSS
- Strong knowledge of Azure DevOps, GitHub Advanced Security, CI/CD integration, and compliance frameworks such as GDPR and PCI DSS
- Hands-on experience of securing containerised workloads and AKS, including vulnerability management, runtime security, and Infrastructure as Code using Bicep
- Experience of information security policies and practices within the financial sector
- Strong stakeholder management skills and communication skills