Specialist DevSecOps Engineer - ESO

Location:

Wokingham, GB, RG41 5BN

Division: Electricity System Operator

Job Type:

Requisition Number: 51799

Department:

Job Function: Information Technology

About the role

Great Britain's electricity system is undergoing an ambitious, exciting and vital transformation. Together with industry, we are creating a cleaner, greener system, one that protects the planet and serves generations to come.

The Energy System Operator (ESO) are now looking for a Specialist DevSecOps Engineer to be a part of our growing cyber security team. This exciting opportunity within that team will allow the post holder the design, shape and embed the security elements of a wider move to a DevSecOps methodology across every phase of the software development and deployment in ESO as part of the ESO Security strategy.

The Specialist DevSecOps Engineer will work in collaboration with our wider Agile DevSecOps initiatives to automate and shift-left active security testing and auditing in a standardised and scalable manner. They will also foster a DevSecOps mindset and shared responsibility among engineering, data, security, and operations teams, to ensure continuous and automated security best practices are embedded during the software delivery and deployment process. This is an essential area of a comprehensive cyber defence in a rapidly changing threat landscape.

This role can be based from Wokingham or Warwick, and we continue to offer hybrid working from office and home.

About us

As Great Britain’s electricity system operator (ESO), we sit at the heart of the electricity system, using our outstanding engineering and commercial expertise to balance electricity supply and demand. Ultimately, we keep the electricity flowing directly to where it’s needed, second by second.

Becoming the Future System Operator
In 2021, government and Ofgem jointly consulted on proposals for an expert, impartial Future System Operator (FSO) with responsibilities across both the electricity and gas systems, to drive progress towards net zero while maintaining energy security and minimising costs for consumers. In October 2023, the Energy Act 2023 was passed, legislating for this Future System Operator to be created.

The ESO, including all of its existing roles, will be at the heart of the new Future System Operator. We will be taking on additional roles across vectors and sectors to create an organisation with a whole energy system mindset; enabling us to identify solutions to our energy system that are more sustainable, secure, and affordable for all.

The FSO will be set up as a public corporation with operational independence from government – bringing parties together to support optimised decision making and action. As now, it will be licenced and regulated by Ofgem through price control agreements. It is anticipated that the new organisation will be up and running in 2024.

The time to act on climate change is now. As part of our team, you won’t just be touching the lives of almost everyone in Great Britain – you’ll be shaping the way we use and consume energy for generations to come.

Key accountabilities

Develop and embed into automated pipelines strategies that secure and create efficiencies for on-premises and cloud-based systems
Integrate and automate active security testing and auditing into the operational and development processes using various tools and technologies following Agile DevSecOps and Security By Design.
Hands-on scripting, coding, configuration, development, and integration of security automation in partnership with the Agile DevSecOps team ensuring security is automated into continuous integration, deployment, and operation pipelines
Consult on DevSecOps requirements from diverse application/line of business partners
Provide regular reports and dashboards on the security status, trends, and metrics, integrate security incidents back into automated pipelines to proactively prevent reoccurrence
Help Develop and maintain security content and artefacts, such as rules, signatures, indicators, dashboards, reports, etc., to enhance the detection and response capabilities of the CSOC
Keep up to date with current and emerging DevSecOps ways of working to ensure that ESO leads by example
Collaborate with Agile DevSecOps initiatives and engineering teams within ESO to understand what is needed to activate the DevSecOps capability effectively.
As an advocate, determine appropriate stakeholders and establish relationships to ensure the Agile DevSecOps ways of working are considered at all stages of the development process.

About you

In-depth knowledge and experience in security engineering, operations, analysis, and response
Proficient in DevSecOps methodology, frameworks, tools, and automation integration, such as Ansible, Jenkins, Artifactory, Jira, Black Duck, Terraform, Git/Version Control Software, SAST, IAST, DAST, etc.
Experience in scripting or programming (Python, Bash, PowerShell, Etc)
Familiar with various security frameworks and standards, such as NIST, ISO, COBIT, etc.
Strong analytical and problem-solving skills and ability to handle complex and dynamic situations
Excellent communication and presentation skills and ability to communicate effectively with technical and non-technical audiences
Awareness of current and emerging cyber threats, trends, and best practices
Previous experience in critical national infrastructure or similar sector, involving the delivery of security engineering using the Agile DevSecOps methodology

What you'll get

A competitive salary between £55,000 – 65,000 – dependent on experience and capability.

As well as your base salary, you will receive a bonus based on company performance, 26 days annual leave as standard and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.

You will also have access to a comprehensive benefits package tailored to support your well-being and professional success. From a competitive salary to flexible work arrangements, we promote your work-life balance. Enjoy fit for purpose wellbeing and lifestyle offerings, ongoing skill development aligned to our Purpose and Values, and be part of a supportive community that values your individuality and where you can belong.

More information

We work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.

We're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.

#LI-BO1

#LI-HYBRID

Provider	Description	Enabled
YouTube	YouTube is a video-sharing service where users can create their own profile, upload videos, watch, like and comment on videos. Opting out of YouTube cookies will disable your ability to watch or interact with YouTube videos. Cookie Policy Privacy Policy Terms and Conditions
Vimeo	Vimeo is a video hosting, sharing and services platform focused on the delivery of video. Opting out of Vimeo cookies will disable your ability to watch or interact with Vimeo videos. Cookie Policy Privacy Policy Terms and Conditions