DevSecOps Engineer

Hello! We're Teya.

Teya is a payment and software service provider, headquartered in London serving small, local businesses across Europe. Founded in 2019, we build easy to use, integrated tools that enable our members to accept payments and boost business performance.

At Teya we believe small, local businesses are the lifeblood of our communities.

We’re here because we don’t believe there’s a level playing field that gives small businesses with a fighting chance against the giants of the high street.

We’re here because we see banks and legacy service providers making things harder for them. We don’t think the best technology or the best service should be reserved for those with the biggest headquarters.

We’re here to fight for a future where small, local businesses can thrive, and to commit the same dedication they offer all of us.

Become a part of our story.

We’re looking for exceptional talent to join our mission. We offer a chance to create impact in a high-energy and connected culture, while benefiting from continuous learning opportunities, a supportive community which is proud to serve our mission, and comprehensive benefits.

Your Mission

As a Senior DevSecOps Engineer (Security Tooling & Enablement), you will be responsible for embedding automated security controls and guardrails into our CI/CD pipelines, cloud platforms, and developer workflows. You’ll build and operate internal security tooling and integrations that enable secure delivery at scale—focusing on automation, low-friction developer experience, and high-quality security feedback loops. You will partner closely with platform, cloud, AppSec, and SecOps teams to deliver scalable, reliable, and friction-reducing security capabilities across the engineering organisation.

Responsibilities

Security in CI/CD & Delivery Workflows

• Integrate and maintain security checks (SAST, DAST, SCA, secrets scanning) into CI/CD pipelines.

• Provide fast, actionable, low-noise feedback to developers.

• Embed infrastructure and application scanning into automated deployments.

Security Tooling & Platform Engineering

• Design, build, and operate internal security services, APIs, CLIs, and automation workflows.

• Apply strong software engineering practices to security tooling (testing, observability, version control).

• Treat security tooling as a product with clear documentation and support.

Policy-as-Code & Guardrails

• Implement and maintain policy-as-code guardrails for IaC, Kubernetes manifests, cloud accounts and identity configurations.

• Work with platform teams to define secure defaults and self-service patterns.

Platform Security & Detection Pipelines

• Support vulnerability scanning platforms and security telemetry pipelines.

• Ensure high-quality structured security data flows to SIEM/log platforms.

• Enable automated response actions via integrations and runbooks.

DevSecOps Culture & Enablement

• Champion secure engineering practices and a shared responsibility mindset.

• Drive enablement activities (office hours, guides, training) to improve adoption of secure patterns.

• Contribute to blameless post-incident reviews and continuous improvement.

Automation, AI & Operational Metrics

• Leverage automation and AI to reduce manual toil and enrich security findings.

• Define and track metrics such as time-to-feedback, signal-to-noise, and tooling adoption.

Requirements

• 5+ years in security engineering, DevSecOps, or platform engineering with significant security integration experience.

• Hands-on experience embedding security into CI/CD (SAST/DAST/SCA, container scanning, secrets detection).

• Proficiency with CI/CD platforms (e.g., GitHub Actions, GitLab CI, Jenkins) and IaC (e.g., Terraform).

• Strong software engineering and automation skills (Python, Go, Bash, or similar).

• Deep cloud-native experience (AWS preferred), including IAM, networking, and logging.

• Experience designing and implementing policy-as-code and security guardrails.

• Ability to collaborate cross-functionally, balancing security with delivery velocity.

Nice-to-Haves

• Experience in fintech or regulated environments.

• Familiarity with WAF/DDoS tools, Zero Trust, and vulnerability management programmes.

• Exposure to SOAR or security automation platforms.

• Relevant certifications (AWS Security, Kubernetes Security, GIAC, CISSP, etc.).

Ways of working

• Extreme ownership: You take end-to-end responsibility for outcomes, not just findings or tooling output

• Pragmatic and delivery-aware: You balance risk reduction with product velocity, focusing on changes that materially reduce risk

• Low-ego and collaborative: You build trust with engineers, product, and operations teams, influencing through credibility and partnership

• Impact-driven: You measure success through outcomes—risk reduction, adoption, and time-to-remediate—not activity

• Data-informed: You use metrics and trends to guide priorities and demonstrate impact

• High bar for craft: You produce clear documentation, reusable patterns, and automation that scale across teams

• AI-first mindset: You actively look for opportunities to use automation and AI to improve security outcomes

Teya is proud to be an equal opportunity employer.

We are committed to creating an inclusive environment where everyone regardless of race, ethnicity, gender identity or expression, sexual orientation, age, disability, religion, or background can thrive and do their best work. We believe that a diverse team leads to better ideas, stronger outcomes, and a more supportive workplace for all.

If you require any reasonable adjustments at any stage of the recruitment process whether for interviews, assessments, or other parts of the application—we encourage you to let us know. We are committed to ensuring that every candidate has a fair and accessible experience with us.