Job Description Methods Business and Digital Technology LimitedMethods is a 100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.Methods was acquired by the Alten Group in early 2022.RequirementsRequirementsThe development, management and supporting of the infrastructure that underpins the platforms, applications, anddata which support the business. Automating where possible to facilitate the rapid delivery of approved capabilities to their respective environments in a secure manner. Must have good experience in developing Infrastructure as Code to automate the creation of infrastructure from development all the way to productionShould be passionate about improving ways of working and best practices by understanding the customer and the market trendsUnderstanding the needs of stakeholders and conveying this to the target audience. Testing and examining code written by others and providing an approval as part of the governance and review processEnsuring that systems are safe and secure against cybersecurity threats when developing by keeping in mind that the systems must be secure by designFamiliar with the NCSC secure design principlesFamiliar with managing the security of platforms whether they're on cloud or on-premises, including administration of secrets, tokens, and certificatesWorking with the team (business, architecture, engineers, security, data) to ensure that development and delivery follows established processes and works as intendedPlanning out projects and being involved in project management decisionsResponsible for the design, security, and maintenance of on-prem/cloud infrastructureMaking and guiding effective decisions, explaining clearly how the decision has been reached with the ability to understand and resolve technical disputes across varying levels of complexity and riskCommunicating effectively across organisational, technical, and political boundaries to understand the context and how to make complex and technical information and language simple and accessible for non-technical audiencesUnderstanding of how to expose data from systems (for example through APIs), link data from multiple systems, and deliver streaming servicesEnsuring that risks associated with deployment are adequately understood and documentedIntegrating security features in the software development life cycleIdentification and probable security risks, with their mitigating strategiesImplementation of security controlsMonitoring the infrastructure and the threat to securityEnsuring regulatory compliances for standards of securityEarly detection of security vulnerabilitiesFaster deployment of secure softwareBy following better compliance with security standards and regulationsGreater visibility into security risks and threatsHave experience or familiarity with working in an agile delivery methodology Ideal Candidates will demonstrate:Experience working with many teams especially security would be beneficialSolid infrastructure design experience for on-prem environments to implement or migrate applications and databasesHave experience with hybrid designs between on-premise and cloudSolid experience in a range of technologies and be able to make assessments as to what is best to be used for the projects and the organisation. As well as suggest and develop innovative approaches within constrained projects and environmentsStrong experience in software development change/release management processes and technical governance to fully understand the typical lifecycle and maintenance of live systemsAbility to work with containerization platforms such as Kubernetes, PKS, Docker; provisioning software including Ansible, Terraform, YAML; and application/infrastructure/data performance analysis and monitoringExperience of functional and non-functional testingExperience with automated deployment of applications, databases and infrastructureUnderstanding of the government digital service (GDS) manual and standards across Discovery/Alpha/Beta/Live phasesUnderstanding of SaaS, PaaS, IaaS technologies, and the implications of their use compared with bespoke developmentBeing able to provide training, support, and mentoring to the wider businessKnowledge of how to ensure that risks associated with deployment are adequately understood and documentedDesirable Skills & Experience:Worked as part of a system support team managing live systems and triaging & resolving incidents to resolution, including management of known defects and issuesWorked as part of a multi-disciplinary project teamExperience with Terraform and YAML to deploy on-prem/cloud infrastructureExperience with automation tools to build and deploy containerized applicationsExperience implementing effective instrumentation to monitor applicationsExperience implementing SAST and DAST tooling in deployment pipelines like Trivvy and SonarQubeExperience with on-prem DevOps toolingThis role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected . Details of this will be discussed with you at interview.
Job Title
DevSecOps (Contract)