DevSecOps Team Lead
DevSecOps Team Lead
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About BMLL
We are the leading independent provider of harmonised Level 3 historical data and analytics to the worlds most sophisticated capital market participants. BMLL offers banks brokers asset managers hedge funds and global exchange groups immediate and flexible access to the most granular Level 3 T1 order book data and advanced analytics enabling them to accelerate research optimise trading strategies and generate alpha at unparalleled speed and scale.
BMLL is ISO 27001 certified storing petabytes of market data on our AWS-based analytics platform. We deliver fast reliable insights to clients across finance helping them make data-driven decisions at scale.
Our culture is inclusive and highly collaborative with a flat management structure that empowers our employees to get involved in decision making as we continue to grow and scale. We give all our employees share options so they participate in the growth and development of the business.
We offer a combination of remote and office (London based) working weekly team lunches and plenty of office snacks!
For more information please visit our website or visit our Twitter @bmlltech or LinkedIn @BMLL.
About the role:
Were seeking an experienced DevSecOps Team Lead to build guide and grow a high-performing DevSecOps function. Youll own the secure evolution of our AWS cloud-native infrastructure CI/CD pipelines and deployment practicesembedding security reliability and operational excellence into every phase of development and deployment. As a hands-on leader youll partner closely with Engineering Platform and Security stakeholders to ensure DevSecOps drives business value customer trust and peak cloud performance.
Key Responsibilities
Strategy & Technical Leadership
- Define and champion the DevSecOps roadmap aligning infrastructure security and engineering priorities.
- Set vision and standards for CI/CD (GitHub Actions Terraform JFrog) with built-in security (SAST SCA IaC scanning).
- Advocate AWS best practices (IAM KMS VPC security GuardDuty CloudTrail) and enforce Infrastructure-as-Code governance.
Infrastructure Ownership & Performance
- Architect deploy version (AMI/Docker) patch and govern AWS infrastructure end-to-end.
- Establish central IaC standards approval workflows and formal change controls.
- Standardise monitoring and observability: dashboards high-signal alerts and performance benchmarks (ECS/EKS Fargate GPU).
- Optimise costs and latency (warm container pools VPC endpoints tagging and governance).
Operational Security
- Govern a secure software supply chain: artifact management vulnerability scanning and SBOM generation.
- Drive shift-left securityintegrating secure patterns into developer workflows and CI/CD pipelines.
- Rapidly triage and remediate security alerts across build cloud and runtime environments.
Team Leadership & Management
- Mentor & Develop: Provide clear direction support and mentorship to a cross-functional team of DevOps and Security Engineers.
- Objectives & Reviews: Set and review individual/team objectives aligned to business goals; conduct regular 1:1s performance reviews and development conversations.
- Culture & Inclusion: Foster a collaborative psychologically safe environment that values open communication and continuous improvement.
- Skills & Growth: Identify skills gaps plan training and career-development initiatives.
- Resourcing & Balance: Ensure appropriate team resourcing balanced workloads and act as escalation point for conflicts or challenges.
- Cross-Functional Collaboration: Coordinate with other team leads on initiatives and resource planning.
- Best Practices: Champion DevSecOps ways of working and track KPIs (deployment frequency lead time failure rate MTTR security posture capacity and cost efficiency).
Governance & Compliance
- Lead risk assessments for new technologies and deployment patterns.
- Partner with Compliance to support ISO 27001 SOC 2 DORA and other frameworks.
- Ensure all configurations are version-controlled auditable and policy-compliant.
- Maintain and test Business Continuity and Disaster Recovery plans.
Requirements
What Were Looking For
Essential
- Proven DevSecOps/DevOps leadership with full-lifecycle AWS infrastructure ownership.
- Hands-on AWS (IAM VPC GuardDuty CloudTrail) CI/CD (GitHub Actions Terraform JFrog) and IaC governance.
- Deep application-security knowledge (OWASP Secure SDLC supply-chain risks).
- Scripting proficiency (Python Go or Bash) and experience with scanning tools (Trivy Grype SonarQube).
- Expertise in GitOps Policy-as-Code and compliance tooling.
Desirable
- AWS Security/DevOps certification.
- Regulated-industry experience (finance healthcare).
- Container/Kubernetes/Fargate and autoscaling familiarity (ECS/EKS Karpenter).
- Secret-management systems (Vault Secrets Manager).
- Exposure to ISO 27001 SOC 2 DORA frameworks.
Leadership Competencies
- Vision & Strategy: Evangelise secure performant DevSecOps roadmaps.
- Collaboration & Influence: Build strong partnerships across teams.
- Execution Excellence: Deliver reliable auditable optimised deployments.
- Continuous Improvement: Drive a culture of learning and innovation.
- Resilience & Ownership: Own outcomes through incidents and change.
- Customer Focus: Align practices to accelerate business value and user experience.
What We Offer
- Full influence over security infrastructure and DevSecOps strategy.
- Opportunity to build and lead a modern high-impact DevSecOps team.
- Cutting-edge tooling fully automated pipelines and cloud environments.
- Collaborative culture competitive salary benefits and career progression.
Benefits
- Competitive salary
- 25 days holiday plus bank holidays
- Share Options after completion of probationary period
- Discretionary Bonus
- Pension Scheme
- Private Medical Insurance
- Work remotely abroad for up to 40 business days each year
- Life Insurance
- Combination of remote and London-based office working (2-3 days in office per week)
- A yearly Well being Physical Activity budget
- Continuous learning through funded training and challenging projects
- Collaborative culture
- Weekly team lunches
- Free Fruit snacks and drinks provided throughout the day (When office based)
- Regular Team Socials
- Cycle to Work Scheme
We are an inclusive employer and welcome applicants from all backgrounds. We pride ourselves on our commitment to Equality and Diversity. We are committed to removing barriers throughout our hiring process. If you have any special requirements or require reasonable adjustments to help you access career opportunities at BMLL please do let us know
This JD may evolve over time. Additional responsibilities may be assigned as needed for the roles scope and seniority.
Employment Type
Full-Time
