InfoSec People Ltd

About the Company

InfoSec People is a specialist IT and Information Security recruitment business. We are committed to providing best-practice recruitment solutions, upholding the highest levels of service and delivery for our clients and candidates alike.

InfoSec People provide Permanent, Contract and Executive Search recruitment solutions in the Information Security sector, working closely with our clients to find the right career move or the best talent in the industry to drive business forward.

Our capability to supply includes:
- Technical Security Professionals
- Governance & Compliance Professionals
- Security Executive Management & Directors
- Design and Development teams
- Penetration Testing & Digital Forensics
- Cyber & Security Sales teams

InfoSec also hold the following certifications and memberships as a testament to our Best Practice approach:
- Full APSCo Corporate Membership
- Full REC Corporate Membership
- IISP (Institute of Information Security Professionals) Silver Membership
- Cyber Essentials Certified
- FSQS Certified
- GCloud Supplier

Call 01242 507 100 for a confidential discussion.

Listed Jobs

Company Name

InfoSec People Ltd

Job Title

DevSecOps Engineer - Remote - 3 Month Initial Contract

Job Description

**Job Title:** DevSecOps Engineer (Azure, Wiz) – Remote (Inside IR35) **Role Summary:** Secure and optimize cloud‑based applications and APIs on Azure by integrating security throughout the CI/CD pipeline, managing cloud posture, and guiding engineering teams on risk mitigation. The role is contract‑based (initial 3 months) and fully remote, requiring UK work eligibility. **Expectations:** - Deliver end‑to‑end cloud security for Azure environments. - Embed security testing and controls into development and release processes. - Communicate risk findings and remediation strategies to technical and product stakeholders. - Support customer‑facing digital platforms or loyalty ecosystems (preferred). **Key Responsibilities:** 1. Design and implement network segmentation, identity, and key management controls in Azure. 2. Integrate OWASP‑based application and API security testing (SAST, DAST) into CI/CD pipelines. 3. Evaluate and remediate findings from cloud‑posture tools (Wiz) and code‑security tools (GitHub Advanced Security, Snyk, Semgrep, Prisma). 4. Conduct threat‑modeling and apply Zero‑Trust principles across services. 5. Provide guidance on secure mobile SDK/API usage for Android/iOS applications. 6. Produce clear security documentation and risk reports for engineering and product teams. **Required Skills:** - Deep expertise in Azure cloud security (network, identity, key management). - Strong knowledge of application/API security, OWASP Top 10, SAST/DAST, and CI/CD integration. - Experience with security tooling: Wiz, GitHub Advanced Security, Snyk, Semgrep, Prisma. - Understanding of threat modeling, Zero‑Trust architecture, and Secure Software Development Lifecycle (SSDLC). - Ability to translate technical security risks into actionable recommendations for non‑technical stakeholders. - (Desirable) Experience supporting large‑scale customer‑facing digital platforms or loyalty ecosystems. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). - Relevant security certifications preferred (e.g., Azure Security Engineer Associate, CISSP, CISM, or similar).

United kingdom

Remote

17-10-2025

Company Name

InfoSec People Ltd

Job Title

Cyber Security Engineer

Job Description

**Job Title:** Cyber Security Engineer **Role Summary:** Drive the lifecycle of cloud‑centric security operations (SecOps) for a global organization, configuring, tuning, and optimizing leading security platforms (CrowdStrike, Rapid7 IDR, InsightVM, CloudSec, AppSec) and Azure Security services. Automate audits, reports, and API interactions using Python or PowerShell to enhance operational efficiency. Investigate alerts, manage phishing investigations, review firewall and NSG rule sets, maintain global SecOps dashboards, and ensure the reliability of security tooling. **Expectations:** - Deliver secure, scalable solutions in a dynamic, cloud‑first environment. - Continuously improve security posture through automation and process refinement. - Collaborate closely with cross‑functional teams to address security incidents and trend analysis. **Key Responsibilities:** - Configure, tune, and integrate CrowdStrike, Rapid7, and Azure Security stack components. - Develop Python/PowerShell scripts to automate security audits, reporting, and API workflows. - Investigate security alerts, perform phishing case analysis, and triage incidents. - Review and update firewall and network security group (NSG) rules to meet evolving threat landscape. - Maintain and enhance SecOps dashboards for real‑time monitoring of security tool health. - Participate in global incident response and remediation activities. - Implement continuous improvement initiatives for security automation and tooling efficiency. **Required Skills:** - Hands‑on experience with CrowdStrike, Rapid7 (IDR, InsightVM, CloudSec, AppSec), and Azure Security services. - Advanced scripting with Python or PowerShell for automation, reporting, and API integration. - Strong understanding of cloud security architecture, firewall & NSG configuration, and threat detection principles. - Ability to analyze security alerts, conduct phishing investigations, and manage incident triage. - Familiarity with SecOps dashboards and monitoring tools. - Excellent problem‑solving skills, proactive mindset, and collaborative communication. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Security, or related field. - Relevant certifications such as CISSP, CompTIA Security+, CEH, or security‑specific cloud certifications (e.g., Azure Security Engineer Associate, CrowdStrike Falcon Certified SOC Analyst) preferred.

London, United kingdom

Remote

11-12-2025