Senior DevSecOps Engineer

Eightcap is a dynamic online trading provider focused on delivering great trading tools and pro trading insight to enable smarter trading. With a commitment to excellence and a passion for delivering trading technology direct to clients and via our network of strategic partners, we are looking for an experienced Integration Engineer to join our team to deliver growth across global markets.

The company is headquartered in Melbourne, Australia and has offices in the UK, Cyprus, Bulgaria, Guatemala, Philippines, and Bahamas.

The Senior DevSecOps Engineer plays a key role in scaling and securing the business’s cloud environment by designing and automating secure Infrastructure as Code, CI/CD pipelines, and self-service tooling. You’ll be responsible for building hardened boilerplates that streamline infrastructure and application deployment, enabling teams to spin up secure, production-ready environments with minimal friction and maximum confidence.

Key Responsibilities

Infrastructure & Security Automation

• Design, implement, and maintain secure-by-default Infrastructure as Code (IaC) using Terraform to enable auditable and repeatable cloud deployments.
• Build and manage secure CI/CD pipelines with GitHub Actions, integrating security scanning and policy enforcement tools (e.g. Snyk, Trivy, Checkov).
• Maintain hardened boilerplates (.NET, Go, Python) with embedded security controls for standardised, production-ready environments.
• Develop and operate self-service automation tools that empower engineering teams to deploy securely and independently.

Cloud Security Engineering

• Architect and secure AWS environments using best practices in identity, networking, encryption, and secrets management.
• Implement and monitor guardrails to enforce least privilege and secure default configurations across all environments.
• Ensure secure implementation of serverless and containerised workloads (Lambda, Fargate, ECS/EKS) and apply runtime security controls.
• Proactively detect and remediate misconfigurations using tools like AWS Config, Inspector, and Security Hub.

Identity, Access & Compliance

• Enforce strong identity and access controls (RBAC, SSO, MFA) across cloud, CI/CD, and internal developer platforms.
• Automate compliance evidence collection and enforcement for standards including ISO 27001, SOC 2, and the AWS Well-Architected Framework.
• Collaborate with the CISO and Security team to define and integrate detection rules, audit logging, and security event pipelines into our SIEM (Microsoft Sentinel).
• Support secure secrets handling using tools such as AWS Secrets Manager, HashiCorp Vault, or SOPS.

Observability & Risk Reduction

• Deploy and manage end-to-end observability platforms (Datadog or Dynatrace), ensuring visibility across applications, cloud infrastructure, and security events.
• Define and track metrics around system health, security posture, and threat surface reduction.
• Champion proactive performance and cost optimisation, ensuring secure and efficient resource usage.

Culture, Leadership & Enablement

• Mentor engineers across security, cloud automation, and secure development practices.
• Drive a security-first culture within the DevOps function, promoting collaboration across development, infrastructure, and security teams.
• Help shape and maintain a secure software development lifecycle (SSDLC) across the organisation.
• Evaluate and introduce emerging DevSecOps tools, standards, and methodologies to improve security and delivery maturity.

Who are you?

• Deep experience with AWS services and secure cloud architecture.
• Proficient in Terraform and Infrastructure as Code (IaC).
• Hands-on experience building secure CI/CD pipelines with GitHub Actions.
• Familiarity with secure boilerplate development for .NET, Go, and Python.
• Strong background in container and serverless security (ECS, Lambda, Fargate).
• Identity and Access Management (IAM), RBAC, SSO, MFA—applied securely.
• Familiarity with secrets management (e.g. Vault, AWS Secrets Manager).
• Security and compliance automation for ISO 27001, SOC 2, and WAF.
• Experience with security scanning tools (Snyk, Trivy, Checkov, Bandit).
• Strong scripting skills (Python, Bash) for automation and remediation.
• Observability and logging via Datadog or Dynatrace.
• Collaborative mindset, able to work with Dev, Ops, and Security teams.

Why Eightcap?

• Ongoing investment in your career development 
• Wellness and lifestyle perks like monthly corporate massages
• Parental leave 
• Staff referral bonus program
• Employee-purchased leave 
• Perkbox reward and recognition
• Study assistance
• Dogs in the office
• Annual flu vaccinations
• Complimentary fruit and snacks
• Multicultural environment
• A dynamic and collaborative team culture
• Great CBD location with easy access to public transport
• Regular social activities

Are you interested in this opportunity but don’t meet every requirement? Eightcap endeavours to create an inclusive and diverse workforce by offering an opportunity for the right people and so we encourage you to apply.

We respectfully ask that no recruiters contact anyone at Eightcap regarding this role