InfoSec People Ltd

About the Company

InfoSec People is a specialist IT and Information Security recruitment business. We are committed to providing best-practice recruitment solutions, upholding the highest levels of service and delivery for our clients and candidates alike.

InfoSec People provide Permanent, Contract and Executive Search recruitment solutions in the Information Security sector, working closely with our clients to find the right career move or the best talent in the industry to drive business forward.

Our capability to supply includes:
- Technical Security Professionals
- Governance & Compliance Professionals
- Security Executive Management & Directors
- Design and Development teams
- Penetration Testing & Digital Forensics
- Cyber & Security Sales teams

InfoSec also hold the following certifications and memberships as a testament to our Best Practice approach:
- Full APSCo Corporate Membership
- Full REC Corporate Membership
- IISP (Institute of Information Security Professionals) Silver Membership
- Cyber Essentials Certified
- FSQS Certified
- GCloud Supplier

Call 01242 507 100 for a confidential discussion.

Listed Jobs

Company Name

InfoSec People Ltd

Job Title

Cloud Security Platform Engineer

Job Description

**Job Title** Principal Security Platform Engineer – Cloud **Role Summary** Senior hands‑on security engineer responsible for shaping, implementing, and maintaining the cloud security posture across a large Azure environment. Drives the adoption of security tooling, policy automation, and DevSecOps practices to safeguard Kubernetes, container, and serverless workloads for a high‑transaction organization. **Expectations** - Minimum 5 years of security engineering experience with deep cloud security expertise. - Proven knowledge of Microsoft Cloud Security technologies (Azure Security Center, Defender, Sentinel, etc.). - Hands‑on experience securing AKS, containers, and serverless functions. - Strong understanding of cloud compliance, governance, and policy frameworks. - Ability to communicate complex security concepts clearly and influence cross‑functional stakeholders. **Key Responsibilities** - Act as SME for cloud security across the Azure landscape. - Implement, configure, and tune CASBs, CSPMs, CWPPs, CNAPPs, and Microsoft security tooling. - Secure Kubernetes, container, and serverless workloads. - Define, automate, and enforce security standards and policies using policy‑as‑code (e.g., Terraform, Bicep). - Drive DevSecOps adoption, embedding controls into CI/CD pipelines. - Collaborate closely with Cloud Platform, Networks, InfoSec, and SOC teams to ensure integrated security. **Required Skills** - Azure security architecture and operations. - Experience with CASB, CSPM, CWPP, CNAPP solutions. - Microsoft security tools (Azure Defender, Sentinel, etc.). - Container and serverless security (AKS, Azure Functions). - Policy‑as‑code with Terraform or Bicep. - DevSecOps integration (CI/CD pipelines, automation scripts). - Cloud compliance, governance, and policy frameworks. - Excellent communication and stakeholder‑management skills. **Required Education & Certifications** - Relevant degree in Computer Science, Information Security, or related field (or equivalent experience). - Industry security and cloud certifications preferred: Microsoft Certified: Azure Security Engineer Associate, CISSP, CISM, or similar.

London, United kingdom

Hybrid

Mid level

12-09-2025

Company Name

InfoSec People Ltd

Job Title

DevSecOps Engineer - Remote - 3 Month Initial Contract

Job Description

**Job Title:** DevSecOps Engineer (Azure, Wiz) – Remote (Inside IR35) **Role Summary:** Secure and optimize cloud‑based applications and APIs on Azure by integrating security throughout the CI/CD pipeline, managing cloud posture, and guiding engineering teams on risk mitigation. The role is contract‑based (initial 3 months) and fully remote, requiring UK work eligibility. **Expectations:** - Deliver end‑to‑end cloud security for Azure environments. - Embed security testing and controls into development and release processes. - Communicate risk findings and remediation strategies to technical and product stakeholders. - Support customer‑facing digital platforms or loyalty ecosystems (preferred). **Key Responsibilities:** 1. Design and implement network segmentation, identity, and key management controls in Azure. 2. Integrate OWASP‑based application and API security testing (SAST, DAST) into CI/CD pipelines. 3. Evaluate and remediate findings from cloud‑posture tools (Wiz) and code‑security tools (GitHub Advanced Security, Snyk, Semgrep, Prisma). 4. Conduct threat‑modeling and apply Zero‑Trust principles across services. 5. Provide guidance on secure mobile SDK/API usage for Android/iOS applications. 6. Produce clear security documentation and risk reports for engineering and product teams. **Required Skills:** - Deep expertise in Azure cloud security (network, identity, key management). - Strong knowledge of application/API security, OWASP Top 10, SAST/DAST, and CI/CD integration. - Experience with security tooling: Wiz, GitHub Advanced Security, Snyk, Semgrep, Prisma. - Understanding of threat modeling, Zero‑Trust architecture, and Secure Software Development Lifecycle (SSDLC). - Ability to translate technical security risks into actionable recommendations for non‑technical stakeholders. - (Desirable) Experience supporting large‑scale customer‑facing digital platforms or loyalty ecosystems. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). - Relevant security certifications preferred (e.g., Azure Security Engineer Associate, CISSP, CISM, or similar).

United kingdom

Remote

17-10-2025