Bupa is an international healthcare group which has been committed to a purpose of longer, healthier, happier lives and making a better world for more than 70 years. In Australia and New Zealand, Bupa supports more than 5 million customers through a broad range of health and care services including health insurance, aged care, rehabilitation, dental, optical, medical, hearing and medical visa services.

Help transform the health of millions of people!

What’s Your Role?

At Bupa, Cyber Security is critical for us and our customers to ensure your data is safe & secure.  We are never idle and constantly looking at uplifting our capabilities and improvements to stay ahead of the game. 

The Senior DevSecOps Engineer is responsible for driving the integration of security principles into the development and operations processes. This role will champion a security-first culture, design and implement robust security controls, and automate security testing and compliance measures. By collaborating closely with development, operations, and security teams, the Senior DevSecOps Engineer will ensure confidentiality, integrity, and availability of our systems and applications.

What will your day involve?

• Secure CI/CD Pipeline Management (Azure DevOps): Design, implement, manage, and optimize secure CI/CD pipelines and related processes within Azure DevOps. 
• Infrastructure as Code (IaC) with Security: Implement, maintain, and secure infrastructure using Terraform within Azure DevOps pipelines, incorporating security best practices.
• Automated Security Testing & Vulnerability Management: Integrate security scanning tools (SAST, DAST, SCA) and implement automated vulnerability management processes.
• Security Collaboration & Requirements: Collaborate with security teams to define security requirements and implement security controls across the SDLC.
• Secrets Management & Security Monitoring: Implement and manage secrets management solutions (e.g., Azure Key Vault) and security monitoring/logging.
• Security Assessments & Hardening: Conduct regular security assessments, penetration testing, and infrastructure hardening to minimize attack surface. 
• Container Security (Docker/Kubernetes): Implement and manage container security scanning and vulnerability management for Docker and Kubernetes environments.
• Network Security within IaC: Implement and manage network security controls within the infrastructure-as-code. • Policy as Code (OPA) Implementation: Implement and Policy as Code (OPA) for enforcing security and compliance policies.
• DevSecOps Mentorship & Training: Coach and guide engineering teams on secure coding practices and manage DevSecOps principles.
• Cross-Functional Collaboration: Work closely with development, operations, and security teams to ensure seamless integration of security. 
• DevSecOps Ownership & Advocacy: Drive DevSecOps adoption and ownership across the business, working closely with key stakeholders. 
• Continuous Improvement & Best Practices: Stay up-to-date with the latest DevSecOps trends and best practices, driving continuous improvement within the organization

What will I bring?

• Extensive DevSecOps Experience: 5+ years of practical experience in DevOps/DevSecOps roles, demonstrating a deep understanding of principles and implementation.
• Cloud & IaC Expertise: Strong expertise in a major cloud platform (especially Azure) and Infrastructure as Code (IaC) using Terraform. 
• CI/CD & Security Integration: Proven ability to design, implement, and secure CI/CD pipelines, integrating security scanning and vulnerability management tools. 
• Containerisation & Orchestration: Solid understanding and hands-on experience with containerisation technologies (Docker, Kubernetes) and container security. 
• Communication & Collaboration: Excellent communication, collaboration, and mentoring skills, with the ability to work effectively across teams and influence technical direction.
• Experience in deploying PaaS solutions, API’s, and Infrastructure as Code (Terraform) to Azure 
• Automation for build and release management - automate and streamline operations and processes • Release Management utilizing Azure DevOps/VSTS mandatory
• Excellent Scripting Skills (PowerShell, Shell and Python)

What’s in it for you?     

As well as a competitive salary, a range of Bupa benefits and flexible working/ work from home, you’ll be challenged and encouraged to innovate. You will collaborate strongly with colleagues who are committed to delivering exceptional experiences. We trust, respect and consider everyone, knowing your difference will make the difference.     Other benefits include discounts on health insurance, as well as access to our new global wellbeing program, Viva. 

Viva has been designed to help you to live a healthy and happy life. It encompasses a comprehensive health and wellbeing program which includes access to health insurance benefits that will assist with covering the cost of medical treatment, information and education sessions, and preventative healthcare screening such as annual health assessments and skin checks. You will also be eligible to access various discounted products and services through our VIVA wellbeing partnerships.