Stott & May are currently looking for a DevSecOps - GCP - Python to work for a large intl Banking & Finance giant on an initial 6 month contract.

Location: London (City)
Rate: £400 - £500 per day/Outside IR35

It's important that we are representing candidates from DevOps background so familiarity with DevOps and Cloud methodologies will be crucial.
GCP - Google Cloud knowledge is necessary, alongside Python & GitLab.

In this role, you will play a pivotal role in ensuring the security and integrity of their software development processes on GCP.
Your expertise in GCP, Rego policies, and Terraform will be instrumental in building a secure and efficient development pipeline.

DevSecOps - GCP - Python - Responsibilities:
* Develop, implement, and maintain Rego policies to enforce security controls and compliance standards within our GCP infrastructure and applications.
* Collaborate with development and operations teams to integrate security into the GCP-focused CI/CD pipeline, ensuring security checks and scans are automated and seamlessly incorporated.
* Leverage your GCP expertise to architect and implement secure microservices and containerized applications, ensuring compliance with GCP security best practices.
* Design and implement infrastructure-as-code (IaC) using Terraform to define and manage GCP resources securely and efficiently.
* Perform thorough security assessments on GCP environments, utilizing GCP-specific security tools and technologies, to identify and address potential vulnerabilities.
* Conduct threat modelling and risk assessments for GCP deployments, designing effective security solutions tailored to GCP services.
* Drive a culture of security awareness specific to GCP environments, ensuring security considerations are integrated throughout development.

DevSecOps - GCP - Python - Requirements:
* Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience)
* 7+ years' experience
* Proven experience as a DevSecOps Engineer with a strong focus on GCP
* Expertise in Rego policies and policy-as-code practices especially with implementation in GCP
* In-depth understanding of GCP services, security controls, and best practices
* Proficiency in using GCP-specific security tools, vulnerability scanners, and penetration testing tools
* Strong experience with infrastructure-as-code (IaC) using Terraform for GCP resource provisioning and management
* Familiarity with CI/CD pipelines and automation tools (eg, Jenkins, GitLab CI/CD) with GCP integrations
* Solid knowledge of GCP security frameworks, standards, and compliance requirements
* Strong understanding of container security in GCP and experience securing microservices
* Relevant GCP certifications such as Google Professional DevOps Engineer, Google Professional Cloud Security Engineer, or similar certifications are highly advantageous.

There is a larger job description should of course there be interest. This is going to be a relatively quick mover, so I look forward to receiving profiles with the view of interviews being scheduled both this and next week.