Senior DevOps Engineer - Government Biometric Kiosk Solution at Secure Technology Solutions Limited, Remote, £400 - £600 a day

Contract Type: Fixed-term Contract (9 months, extendable)
Daily Rate: £400-600 per day
Location: Predominantly remote with periodic UK travel
Security Clearance: SC Clearance required
Start Date: ASAP

The Role

STSL is delivering a mission-critical biometric self-service solution for a UK government department. We need an experienced Senior DevOps Engineer with end-to-end accountability for Azure cloud infrastructure, CI/CD automation, and operational excellence.

This is a hands-on, senior technical role - not team management. You'll be the principal DevOps authority working directly with government stakeholders, shaping DevOps practices for a greenfield deployment of Azure Kubernetes Service, Windows IoT device fleets, and secure biometric workloads.

Your Responsibilities:

· Design and implement Azure cloud infrastructure (VNets, VPN Gateway, NSGs, Private Endpoints, Application Gateway, Front Door + WAF) meeting high availability SLA requirements

· Deploy and operate Azure Kubernetes Service (AKS) for containerized biometric services with geo-redundancy

· Build Azure DevOps CI/CD pipelines with integrated security scanning (SAST/DAST/SCA), blue-green deployments, and automated rollback

· Manage Windows 11 IoT Enterprise device fleet via Microsoft Intune (Update Rings, compliance policies, remote monitoring)

· Configure security controls (mTLS, certificate lifecycle, Key Vault rotation) aligned with NCSC Cloud Security Principles and ISO 27001

· Implement observability (Azure Monitor, Application Insights, Log Analytics/KQL); lead incident response and on-call rotation

· Support annual ITHC compliance testing and coordinate releases with government stakeholders

Technology Stack: Azure (AKS, App Services, SQL Database, Key Vault, Front Door, Entra ID, Intune), IaC (Azure Bicep/Terraform), Azure DevOps Pipelines, Docker/Kubernetes, Windows IoT, PowerShell

Essential Requirements

Experience:

· 6+ years infrastructure/DevOps engineering with 3+ years hands-on Microsoft Azure in production

· Proven track record delivering secure, highly available cloud infrastructure for complex, multi-stakeholder projects

· Experience working in highly regulated environments (government, finance, healthcare, defense) with formal change control and compliance requirements

· Understanding of security frameworks and compliance standards (NCSC, ISO 27001, or equivalent)

· DevSecOps practices and security automation experience

Technical Skills:

· Azure production experience: Compute (AKS, App Services, Functions), Networking (VPN Gateway, NSGs, Private Endpoints, Front Door), Security (Key Vault, Entra ID, Managed Identities), Data (SQL Database with TDE/Always Encrypted), Monitoring (Azure Monitor, Log Analytics, KQL)

· 3+ years CI/CD pipelines (Azure DevOps preferred; GitLab CI, Jenkins, or equivalent acceptable) with automated deployments

· 2+ years Infrastructure as Code experience (Azure Bicep, Terraform, ARM Templates, CloudFormation, Pulumi, or equivalent)

· 3+ years Docker/Kubernetes in production (AKS experience highly valuable)

· 3+ years DevSecOps (SAST, DAST, dependency/container scanning, compliance automation)

· Device/endpoint management experience (Microsoft Intune, SCCM, Jamf, or equivalent MDM solutions)

· Security integration (OWASP Top 10, PKI certificates, OAuth 2.0, mTLS) and PowerShell or scripting automation

Stakeholder Management:

· Strong communication skills for technical and non-technical stakeholders

· Experience coordinating with multiple parties (suppliers, technical teams, operational staff)

· Ability to produce clear technical documentation (architecture diagrams, runbooks, change requests, incident reports)

Personal Attributes: Self-motivated with ability to work independently and make sound technical decisions. Security-conscious with understanding of threat modeling and defense-in-depth principles. Detail-oriented with methodical approach to configuration management and documentation. Comfortable working in high-stakes environments where reliability, security, and compliance are critical. Ability to explain complex technical concepts clearly to varied audiences.

Desirable Skills

· UK government or public sector infrastructure experience (Home Office, MOD, MOJ, NHS, Police) - strong advantage

· Azure Bicep or Terraform specific experience (ARM Templates acceptable)

· Microsoft Intune specific experience with Windows IoT/LTSC devices

· NCSC Cloud Security Principles detailed knowledge and prior ITHC engagement

· Biometric, high-security, or IoT systems at scale

· ISO 27001, Cyber Essentials Plus certification processes

· TPM 2.0 hardware-backed security and certificate-based device authentication

· Blue-green/canary deployment patterns in production

· Power BI for operational dashboards and infrastructure analytics

· ITIL Foundation or equivalent service management framework

· GitOps principles and SRE practices

· DR/BCDR testing and geo-redundant architecture

· Bash scripting for Linux-based containerized services

Working Arrangements

Working Pattern: Full-time (5 days/week)
On-call: Participation in compensated out-of-hours support rotation
Right to Work: Indefinite UK right to work required (no sponsorship available)

Success Measures

· Azure infrastructure operational meeting high availability SLA requirements with minimal unplanned downtime

· Government-approved documentation and change control processes established and operating effectively

· CI/CD pipelines delivering secure, automated deployments with all critical vulnerabilities remediated before release

· Successful device fleet deployment via Intune with automated patching meeting government timescales

· Full compliance evidenced in annual ITHC testing with timely remediation of findings

· Positive stakeholder feedback on collaboration, responsiveness, and operational quality

How to Apply

Submit your CV highlighting: government/public sector infrastructure experience, Azure production deployments, DevSecOps automation, security compliance, and stakeholder management examples.

Recruitment Process: Initial screening call (30 mins) → Technical interview with Project Manager and Technical Lead (60-90 mins) → Practical scenario/case study (if required) → References, offer, and SC clearance initiation

STSL is an equal opportunities employer committed to diversity and inclusion.

Pay: £400.00-£600.00 per day

Work Location: Remote