PlexTrac

Senior DevSecOps Engineer (UK&I)

PlexTrac  •  United Kingdom of Great Britain and Northern Ireland (Remote)  •  2 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

About PlexTrac

PlexTrac is a cybersecurity agentic company helping security teams automate red teaming, pentest reporting, exposure management, and remediation workflows. Our platform is used by penetration testers, red teams, consultants, enterprises, and managed security providers to operationalize security findings and improve collaboration across technical and executive stakeholders.

We are a remote-first company headquartered in the United States with distributed team members across North America, Europe, and Asia. We are committed to ownership, transparency, practical problem-solving, and building products that customers genuinely rely on.

Why This Role Matters


We’re looking for a Senior DevSecOps Engineer (UK&I) as we scale our platform and infrastructure to lead the charge on security and reliability at the system level. This role will work closely with engineering, product, and leadership to architect and implement systems that are resilient, secure, and scalable from day one. You'll be responsible for owning infrastructure, security, and reliability end-to-end, helping to shape the technical strategy.

This is a high-impact, hands-on role for a senior engineer who thrives in a small, fast-paced team environment. Are you up for the challenge? Apply today!

Location: Remote — UK&I only.

Key Responsibilities

  • Cloud & Infrastructure Security - Write and maintain Infrastructure as Code (IaC) with secure defaults, ensuring least privilege access and robust cloud configurations.
  • Vulnerability Management - Hunt for weaknesses, perform threat modeling, prioritize remediation, and guide engineering teams on how to fix discovered flaws.
  • Incident Response & Monitoring - Monitor live systems, investigate security anomalies, and respond to breaches.
  • Develop, deploy, and maintain Infrastructure-as-Code (IaC) in a GCP cloud-based environment
  • Lead the development and enforcement of security architecture and operational best practices
  • Establish monitoring, alerting, and incident response strategies across environments
  • Define and execute on security roadmaps (e.g., threat modeling, vulnerability scanning, IAM policies)
  • Partner with developers to shift security and reliability left into the SDLC
  • Support compliance and audit initiatives (SOC2, ISO27001)
  • Develop and maintain automated CI/CD pipelines for DBs, Servers, containers, and applications using DevSecOps tools to include Terraform, Ansible, GitHub, ArgoCD
  • Develop integration interfaces using Python, Bash and Go
  • Deploy and maintain complex modern cloud architectures
  • Create automated testing plans for infrastructure and applications
  • Create and update technical documentation (e.g. user guides, infrastructure diagrams)
  • Work across infrastructure that contains both Linux and Windows
  • Work and communicate effectively in a group environment with technical and non-technical, management and customer both written and verbally
  • Utilize robust troubleshooting skills
  • Instill and apply solid engineering rigor, to include configuration management, testing
  • Develop/engineer as part of an Agile team

Qualifications

  • 5+ years of experience in DevOps, SRE, or DevSecOps roles, with increasing leadership or ownership
  • Deep knowledge of cloud infrastructure, with a focus on security, scalability, and cost-efficiency
  • Strong experience with infrastructure-as-code (Terraform, Ansible)
  • Fluency in CI/CD automation (GitHub Actions, ArgoCD, etc.)
  • Strong understanding of security fundamentals: identity and access management, secrets management, encryption, container security, etc.
  • Familiarity with compliance frameworks like SOC2 or ISO27001
  • Comfortable writing code and automation scripts (e.g., Python, Bash, Go)
  • A strategic mindset paired with startup scrappiness—you can zoom out and drive systems-level thinking, and also dive in and ship
  • Experience with Kubernetes, service mesh (e.g., Istio), and zero-trust architecture
  • History of leading incident response or large-scale reliability improvements
  • Strong communication skills across engineering and non-technical stakeholders

Tools & Technical Environment

Cloud environment running VMs with docker containers, GKE clusters and managed services, with an ongoing initiative to modernize the infrastructure further. IaC using Terraform, GitHub, Ansible and ArgoCD. Support for customer hosted installations involving various configurations.

Work Style

We operate as a remote-first, distributed team with a strong asynchronous culture. We value thoughtful communication, autonomy, and collaboration, with core working hours that partially overlap with U.S. Eastern Time.

Employees are administered through our EOR partner: Remote.

We’re committed to building an inclusive workplace where people from all backgrounds can thrive. We welcome applicants regardless of race, ethnicity, religion, gender identity, sexual orientation, age, disability, or background.

If you require accommodations during the interview process, please let us know: HR@plextrac.com

#LI-Remote

PlexTrac

About PlexTrac

PlexTrac is the leading AI-powered platform for pentest reporting and threat exposure management, trusted by Fortune 500 companies and top security providers including Expedia, Mandiant, Deloitte, and KPMG. Built to help cybersecurity teams continuously manage and reduce threat exposure, PlexTrac centralizes security data, streamlines reporting, prioritizes risk, and automates remediation workflows—empowering teams to drive measurable risk reduction.

Industry
IT & Software
Company Size
51-200 employees
Headquarters
Boise, Idaho
Year Founded
2016
Social Media