DevSecOps Engineer

About Builder.ai

We’re on a mission to make app building so easy everyone can do it – regardless of their background, tech knowledge or budget. We’ve already helped thousands of entrepreneurs, small businesses and even global brands, like the BBC, Makro and Pepsi achieve their software goals and we’ve only just started.

Builder.ai was voted as one of 2023’s ‘Most Innovative Companies in AI’ by Fast Company, and won Europas 2022 ‘Scaleup of the Year’. Our team has grown to over 800 people across the world and our recent announcement of $250m Series D funding (and partnership with Microsoft) means there’s never been a more exciting time to become a Builder.

Life at Builder.ai

At Builder.ai we encourage you to experiment! Each role at Builder has unlimited opportunities to learn, progress and challenge the status quo. We want you to help us become even better at supporting our customers and take AI app building to new heights.

Our global team is diverse, collaborative and exceptionally talented. We hire people for their differences but all unite with our shared belief in Builder’s HEARTT values: (Heart, Entrepreneurship, Accountability, Respect, Trust and Transparency) and a let’s-get-stuff-done attitude.

In return for your skills and commitment, we offer a range of great perks, from hybrid working and a variable annual bonus, to employee stock options, generous paid leave, and trips abroad #WhatWillYouBuild

Why we need this role

We are seeking a talented and experienced DevSecOps Engineer to join our Platform Engineering team. You will be responsible for integrating security best practices into our DevOps processes, ensuring the security and integrity of our systems throughout the software development lifecycle.

Key Responsibilities:

• Collaborate with development and operations teams to integrate security into our infrastructure landscape and CI/CD pipelines, automating security checks and ensuring code and infrastructure meet security standards.
• Vulnerability Management: Conduct regular security assessments, vulnerability scans, and pen testing to identify and resolve security risks in our applications and systems.
• Implement and maintain security automation tools and processes to streamline security tasks, such as Ci/CD security controls and IaC security.
• Assist in the development and maintenance of incident response plans.  Actively monitor and resolve security incidents, including analysis, containment, eradication, and recovery.
• Compliance: Continual alignment with industry security standards and compliance requirements, ensuring our systems and processes align with relevant regulations and best practices.
• Provide mentoring, training and guidance to development and operations teams on secure coding practices, security awareness, and the importance of DevSecOps.
• Monitoring and Alerting: Set up and maintain security monitoring and alerting services to detect and respond to security incidents and threats.
• Collaboration: Work closely with cross-functional teams to promote a culture of security and compliance to ensure security is factored in at every stage of the development lifecycle.

Requirements

• Experience: Proven experience as a DevSecOps Engineer or a similar role
• Technical Skills: Strong knowledge of DevOps principles, cloud platforms ( AWS, Azure), CI/CD tools, containerisation (Docker, Kubernetes), and IaC languages (Terraform, Helm, Python, Bash).
• Deep understanding of security principles, secure coding practices, and knowledge of common vulnerabilities and attack vectors (OWASP).
• Relevant certifications such as Certified DevSecOps Engineer (DSOE), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) are a plus.
• Excellent communication and collaboration skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.
• Enthusiasm to work in fast-paced, high-pressure environments with rapidly evolving priorities.

Benefits

• Attractive performance related quarterly bonus
• Stock options in a $250 million funded Series D scale-up company
• Hybrid working
• 24 days annual leave + bank holidays
• 2 x Builder family days each year
• Time off between Christmas and New Year
• Generous pension contributions
• Private medical & dental insurance provided by AXA
• Access to our Perkbox