Platzhalter Bild

DevOps Engineer (Security Operations) at Skin Analytics

Skin Analytics · London, United Kingdom · Onsite

Apply Now

In this role you will lead the charge in securing and scaling our infrastructure and CI/CD pipelines for regulated clinical software. Working cross-functionally with engineering, QA, product, and regulatory teams, you’ll design, implement, and monitor secure, traceable DevOps workflows. You enable rapid, compliant delivery of Software as a Medical Device (SaMD) products.

Please note: this role requires in office presence for 3 days a week. Our office is in Farringdon, London. If you can't commit to this, please don't apply.


Responsibilities

  • Own SecOps across our stack by managing secure AWS infrastructure, CI/CD pipelines, and developer environments using least-privilege and zero-trust principles.
  • Integrate automated security scans (Snyk, Docker, IaC) into all stages of the SDLC.
  • Design, implement, and maintain AWS infrastructure as code using Terraform and Ansible
  • Deliver threat models and drive remediations across cloud services (EC2, S3, RDS, etc.).
  • Build Docker-first workflows with image scanning, tagging, and artifact management.
  • Write and own SOPs for secure deployment and incident response aligned to ISO 27001 and IEC 62304.
  • Extend observability through CloudWatch/ELK stack dashboards, anomaly detection, and alerting for security and performance monitoring.
  • Support Transformation team by resolving any security queries that clients might have in their onboarding & deployment

What success looks like:
3 months

  • Complete access audits and enforce secure MFA + least-privilege access across AWS, Bitbucket, and key tools
  • Identify and remediate top 5 security risks in CI/CD pipelines and cloud architecture
  • Fully integrate Snyk into all pipelines with automated alerts and reporting

6 months

  • Mature pipelines to support automated tests, security gates, and gated deploys across all services

12 months

  • Implement full-stack observability with anomaly alerts and dashboards for security and reliability using the ELK stack

Requirements

Have deep expertise in:

  • Cloud Infrastructure (AWS): EC2, S3, RDS, IAM, VPC, CloudWatch, CloudTrail, Lambda, SQS/SNS
  • CI/CD Pipelines: Bitbucket Pipelines (or similar), multi-stage pipeline management, gated deployments
  • Security Operations: Snyk, IAM policies, threat modeling, zero-trust access, MFA, secrets management
  • Implementing and automating compliance requirements (IEC 62304, ISO 27001, HIPAA, MDR)
  • Delivering secure software pipelines for Node.js, React, and Docker-based services
  • Writing secure deployment ansible playbooks and participating in internal audits or regulatory submissions
  • Production workloads supported by Terraform and ansible, hosted on AWS
  • Strong networking knowledge, including VPCs, subnets, routing tables, security groups, and NACLs, route53, load balancers

Behaviours required:

  • Takes ownership: full accountability for infra, tooling, and controls; sees it through to completion.
  • Bias for automation: believes manual work should be temporary, builds repeatable pipelines and workflows.
  • Detail obsessed: doesn't miss the small stuff. Every commit, config, and policy matters in regulated software.
  • Clear communicator: explains risks, trade-offs, and technical plans to both engineers and non-tech stakeholders.
  • Collaborative & pragmatic: works well across disciplines and adapts to real-world constraints.

Benefits

💰Competitive salary

     Share options package - all our employees have ownership in the company

🏥Private healthcare

🌴25 days annual leave (5 day company shutdown in August + bank holidays)

👪Enhanced parental leave - includes adoption & foster

🚲Bike to work scheme

💻Training budget

     Weekly catch-ups, monthly meetings to talk about you, your ambitions and make plans

🎊Lots of fun social activities including company offsite!



Our Values

🌱 Building a Strong Foundation 

🎓 Always Learning 

🏅 Lead from the Front 

💪 Tough and Resilient 



The Real Stuff

Skin Analytics embraces and is committed to diversity and equal opportunities. We are dedicated to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.

Apply Now

Other home office and work from home jobs