DevSecOps Delivery Consultant

The job on offer

Capgemini’s Global Cybersecurity Practice of over 4,000 professionals delivers projects, consulting and Managed Run services in all areas of IT and OT, from networks to cloud services and everything in between. Within this practice, we have a thriving and growing Global DevSecOps community. Not only are we seeking to grow our reputation within Capgemini but also to lead and innovate externally through contributions to relevant industry bodies such as OWASP.  It is our ambition to become renowned as a leader in the delivery of DevSecOps.  We are determined to grasp the opportunity presented by the cultural change bought about by DevOps and embed security as a true enabler, delivering continuous security improvement at the pace demanded by modern digital business.

You will provide security consulting and delivery capability to our customers as a trusted authority, architecting and delivering secure CI/CD pipelines for promotion of applications and infrastructure into hybrid cloud environments, while embedding security tooling and adopting a ‘shift-left’ approach.

You will provide security consulting and delivery capability to our customers as a trusted authority, architecting and delivering secure CI/CD pipelines for promotion of applications and infrastructure into hybrid cloud environments, while embedding security tooling and adopting a ‘shift-left’ approach.

Your role

    As a DevSecOps Delivery Consultant you’ll consult and delivery across one or more of the following areas:

•    Helping our clients to architect secure CI/CD pipelines.
•    Assessing the maturity of security within our clients DevOps processes.
•    Embedding static, dynamic, interactive and mobile application security testing tools within application CI/CD pipelines.
•    Embedding Software Composition Analysis tools within CI/CD pipelines.
•    Embedding container vulnerability scanning tools within CI/CD pipelines.
•    Automating the delivery of secure cloud configurations within AWS, Azure or GCP using Infrastructure as Code.
•    Embedding tools to scan Infrastructure as Code and test compliance with organizational cloud security policies within infrastructure CI/CD pipelines.
•    Definition of guardrails using cloud native technologies such as Azure Management Groups and Azure Policy or AWS Organizations and Service Control Policies.  
•    Automating secure configurations using tools such as Chef, Puppet and Ansible.
•    Delivery of DevSecOps pipelines with security tooling embedded within them using automation servers.
•    Definition of security requirements for container management services based on Kubernetes and Docker.
•    Definition of security requirements for source code repositories, binary repositories and secrets managers used within CI/CD pipelines. 
•    Working closely with software engineers and/or platform engineers to embed security thinking into DevOps teams. 
•    Delivery of security training to software engineers and/or platform engineers.
•    Development of secure coding standards.

Your profile

•    You will be comfortable working alone or as part of a team bring to use your experience in one or more of the following:
•    Practical hands on experience of embedding security within CI/CD pipelines. 
•    Confident architecting solutions for one of the major public cloud platforms.
•    Experience using application security testing tools and interpreting results.
•    Proven ability to develop DevSecOps requirements and lead development and delivery or DevSecOps architectures.
•    Experience working as a client-side advisor leading DevSecOps initiatives.
•    A thirst for knowledge, a self-starter who is interested in expanding their experience through continual development.

Key Technologies you’ll use (one or more of): AWS / Azure / GCP, GitHub / GitLab, Azure DevOps, Docker / Kubernetes, Jenkins / TeamCity / CircleCI / Bamboo, Chef / Ansible / Puppet, Veracode / CheckMarx / Fortify, OWASP ZAP / Burp Suite, Snyk, Terraform, JFrog Artifactory / JFrog X-Ray.

Working Flexibility

At Capgemini, we strive to deliver excellence for our clients whilst also creating an environment where our people can thrive, develop, and enjoy a positive work-life balance. Flexible working allows us to be agile in how we deliver to our clients and by offering more freedom in where and how our people work, contributes to a better employee experience.

All UK employees are eligible to request flexible working arrangements, which can be either informal or formal. Your manager will discuss your request with you and review it to ensure any arrangements work for you, your clients, your team, and our business.

Capgemini positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender identity, religion or belief, marital status, or pregnancy and maternity. We are committed to hiring, developing and retaining the best people to deliver innovative, world-class solutions for our clients. We foster an inclusive culture that enables everyone to achieve their full potential and enjoy a fulfilling career with us. Our comprehensive flexible benefits package and lifestyle policies enable our employees to balance their individual, family and work-life needs.

About Capgemini

Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of 270,000 team members in nearly 50 countries. With its strong 50 year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fuelled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2020 global revenues of €16 billion.

Get the Future You Want |



Posted on:

June 18, 2021

Experience level:

Experienced Professional

Contract type:

Permanent Full Time


Any UK Base


Infrastructure & Service Integration