DevSecOps Engineer

Location: London, UK and Krakow, Poland (hybrid flexible working)

Department: Engineering

Reports To: CTO

Sense Street is pioneering the use of generative AI and NLP to transform conversations into structured, real-time market insights for capital markets. Our platform powers workflow automation, analytics, and trading execution by extracting actionable signals from unstructured chat and communication data across asset classes and languages. We’re a rapidly scaling company focused on building secure, enterprise-grade AI products that meet the stringent needs of global financial institutions.

We’re seeking a DevSecOps Engineer to embed DevOps best practices and security deeply into our development lifecycle, infrastructure, and AI-driven products. You will be instrumental in shaping how DevOps best practices and security are integrated into cloud and on-premise infrastructure, and CI/CD pipelines while working closely with the broader Engineering and Data Science organisations to build highly available, scalable systems. This role blends development, operations, and security to ensure our delivery processes are fast, reliable, and secure by default.

• Design, build, and maintain reliable, scalable, secure cloud and on-premise infrastructure and services
• Devise key principles and tenets that underpin Sense Street’s architecture from current customers’ needs to the future of financial markets.
• Integrate DevOps best practices and security across the SDLC
• Automate infrastructure provisioning, deployments, integration testing and other operational workflows. Implement automated security checks and controls in build/test/deploy/release pipelines to catch issues and vulnerabilities early, and ensure secure releases. Identify and reduce operational toil through tooling and automation.
• Infrastructure security, data protection & automation: Define and enforce secure configurations using IaC, hardening cloud and on-premise environments, container platforms (e.g., Kubernetes, Docker), codebase, and IAM policies.
• Improve infrastructure and service observability, monitor and respond to alerts and issues: Enable continuous monitoring through metrics, logging, distributed tracing and alerting for performance, availability and security incidents, and support incident response procedures. Lead incident response, postmortems, security and reliability improvements.
• Threat identification & remediation: Perform automated security scans and testing, and drive vulnerability assessments, risk analysis, and penetration testing to uncover and mitigate security gaps in our services, APIs and applications.
• Scalability testing and chaos engineering: Run gamedays to ensure availability SLAs as users and transactions increase, and failures occur (e.g. network failure, latency injection etc.).
• Collaborate across teams: Work with developers, data scientists, IT administrators and support, and other DevSecOps / Site Reliability Engineers to provide guidance on secure coding and DevOps practices, and high availability and security architecture patterns.
• Documentation & training: Create and maintain best DevOps practices and security standards, runbooks, and internal training to foster a “secure by design” DevOps culture.
• Compliance & best practices: Ensure alignment with relevant regulatory and enterprise standards (e.g., ISO27001, GDPR, SOC2) as the business scales.

• Proven experience in DevOps, Security Engineering and/or DevSecOps roles.
• Strong scripting skills (Python, Bash, etc.) and IaC tools (AWS CDK / Cloud Formation, Terraform etc.) for automation.
• Hands-on experience with CI/CD tools (e.g., GitLab CI/CD, GitHub Actions, Jenkins).
• Experience with cloud platforms (AWS, GCP, Azure) and cloud security best practices.
• Familiar with container orchestration and security (Docker, Kubernetes).
• Knowledge of secure, scalable and high availability architecture patterns.

• Observability tools and best practices.
• Chaos engineering and performance scalability testing and gamedays.
• Logs and metrics graphs analysis, issue diagnostics and troubleshooting.
• Structured and analytical approach to incident response and problem solving

• Vulnerability scanning and threat modeling methodologies.
• Understanding of authentication/authorization frameworks and cryptographic practices.
• Familiarity with compliance standards and secure development frameworks.

• Excellent problem-solving and analytical capabilities.
• Effective communicator with the ability to articulate security needs to technical and non-technical stakeholders.
• Strong sense of ownership and a passion for secure, high-quality product delivery.

• Be part of a high-impact team shaping the future of AI in capital markets.
• Opportunity to build security practices from the ground up in a growing fintech environment.
• Real ownership and influence over system design, reliability and scalability.
• Collaborative culture and exposure to cutting-edge technologies in cloud, AI, and secure engineering.

• Hybrid Flexible Working - home/office
• Pension
• Share Options Scheme
• Private Healthcare