Hoxton Wealth

DevSecOps Engineer

Hoxton Wealth  •  Dubai, AE (Onsite)  •  4 months ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Position: DevSecOps Engineer (Mid-Level)

Hoxton Wealth is a leading global wealth management firm, delivering financial solutions to international investors and expatriates across regulated jurisdictions.

We are seeking a DevSecOps Engineer to embed security into our cloud-native development workflows and corporate IT environment. This role is suited to a mid-level engineer with strong hands-on experience securing AWS-based development platforms and integrating security controls into CI/CD pipelines, alongside responsibility for core IT security within Office 365.

You will play a key role in shifting security left across the software delivery lifecycle while ensuring production and corporate systems remain secure, observable, and compliant with ISO 27001 and related regulatory expectations. The role requires a pragmatic security mindset, balancing strong controls with developer velocity in a regulated environment.

You will work closely with engineering, platform, IT, and compliance teams to design and operate security capabilities that are scalable, auditable, and automation-driven.

Responsibilities

  • Design, implement, and operate DevSecOps practices across AWS-based development and production environments, aligned with ISO 27001 control objectives. Embed security controls into CI/CD pipelines, including static analysis, dependency scanning, container scanning, and policy enforcement, supporting secure SDLC requirements.
  • Own and operate security tooling such as SonarQube, Microsoft Sentinel, and related vulnerability, monitoring, and detection platforms.
  • Implement and maintain AWS security controls, including IAM, network segmentation, logging, encryption, and threat detection, in line with ISO 27001 Annex A controls.
  • Manage identity and access security across AWS and Microsoft 365, including role design, conditional access, MFA, and periodic access reviews.
  • Monitor, investigate, and respond to security alerts and incidents, contributing to incident management and continuous improvement processes.
  • Partner with engineering teams to define secure architecture patterns and ensure infrastructure-as-code adheres to approved security baselines.
  • Support secure software development by defining secure coding standards and working with teams to remediate findings identified through automated and manual reviews.
  • Own vulnerability management activities, including scanning, prioritisation, remediation tracking, and risk acceptance aligned with organisational risk processes.
  • Maintain security documentation, runbooks, and evidence required for ISO 27001 audits and internal reviews.
  • Support internal and external audits by providing evidence, implementing corrective actions, and tracking control effectiveness.
  • Continuously improve security automation, detection coverage, and operational resilience.

Requirements

  • 3–6 years of experience in DevSecOps, cloud security, or platform security roles.
  • Strong hands-on experience securing AWS environments, including IAM, VPCs, CloudTrail, GuardDuty, Security Hub, and encryption services.
  • Proven experience integrating security tooling into CI/CD pipelines, including SonarQube for static analysis and code quality enforcement.
  • Hands-on experience with SIEM and security monitoring tools, including Microsoft Sentinel or equivalent platforms.
  • Experience with container, dependency, and secrets security tooling.
  • Strong understanding of secure software development lifecycle (SSDLC) principles and shift-left security practices.
  • Experience securing Microsoft 365 environments, including Entra ID (Azure AD), Conditional Access, Defender, and email security.
  • Familiarity with ISO 27001 concepts, including risk management, control implementation, evidence collection, and audit support.
  • Experience working in regulated environments such as financial services, fintech, or similar industries.
  • Strong analytical and problem-solving skills, with the ability to balance security risk, usability, and delivery speed.
  • Clear written and verbal communication skills, with the ability to collaborate effectively with engineering, IT, and compliance teams.
Hoxton Wealth

About Hoxton Wealth

The Future of Wealth Management: International financial advice, investments, tax, and retirement planning, powered by award-winning wealthtech. Where innovation meets expertise to secure your financial future.

Hoxton Wealth provides unparalleled personal financial advice to expatriate clients living globally. Hoxton Wealth is a borderless, independent financial advisory consultancy, unrelenting in its commitment to safeguarding your financial future. Founded by UK qualified financial advisers, Hoxton Wealth offers a fresh approach with a dynamic energy that sets it apart from its competitors in the offshore marketplace.

Hoxton Wealth offers financial support across three stages:

- Wealth Protection

- Wealth Creation

- Wealth Preservation

Industry
Finance & Insurance
Company Size
201-500 employees
Headquarters
Global, OO
Year Founded
2018
Website
hoxtonwealth.com
Social Media