DevSecOps Engineer
HUB24
HUB24 leads the wealth industry as the best provider of integrated platform, technology and data solutions. At HUB24, we know the smartest investments start with our people. We are innovative and ambitious, and we move fast.
At HUB24, we empower our employees to bring their ideas and creativity to work. Rather than getting bogged down in bureaucracy and red tape, we build a culture that supports our team members to have a real impact on our business and the success of our customers.
HUB24 Limited is a company listed on the Australian Securities Exchange (ASX: HUB)
THE HUB24 STORY
We think creatively and we’re not constrained by traditional thinking or barriers to success. We’re led by experts, realists with ideas, grounded in commercial reality who are bold enough to visualise the future a little differently and to advocate for what matters to our clients. We are here to lead change and are committed to empowering better financial futures for more Australians.
Benefits and Life at HUB24
Learn more about our employee benefits HERE.
Job Summary
At HUB24, we’re committed to building secure, scalable, and high-performing technology that enables better financial futures. As a DevSecOps Engineer, you will play a key role in embedding security into every stage of the DevOps lifecycle.
You’ll work closely with platform, cyber, and engineering teams to automate security controls, improve resilience, and ensure compliance—while enabling fast, reliable software delivery. This role is ideal for someone who sees security as an enabler, enjoys solving complex challenges, and thrives in a collaborative, fast-paced environment.
Responsibilities
- Embed security practices across the SDLC, promoting a shift-left and secure-by-design approach
- Automate security controls within CI/CD pipelines to support efficient and secure releases
- Implement and manage application security testing (SAST, DAST, SCA, container scanning)
- Strengthen cloud security and infrastructure across AWS, Azure, or GCP, including IaC hardening
- Perform threat modelling, vulnerability management, and risk mitigation activities
- Ensure compliance with security frameworks and standards (CIS, NIST, ISO27001, PCI-DSS)
- Establish and enhance monitoring, logging, and alerting for security events
- Support incident response and remediation processes
- Manage identity and access controls, secrets management, and Zero Trust practices
- Collaborate with Dev, Sec, and Ops teams to promote shared ownership of security
- Provide guidance on secure coding practices and continuous improvement initiatives
Requirements
- Proven experience integrating security into CI/CD pipelines (e.g. Jenkins, GitHub Actions, GitLab CI, Azure DevOps)
- Hands-on experience with security testing tools (SAST, DAST, SCA, container security tools)
- Strong scripting and automation skills (Python, Bash, or similar)
- Experience with cloud platforms and security controls (AWS, Azure, or GCP)
- Knowledge of monitoring, logging, and alerting solutions for security events
- Experience with vulnerability management and remediation practices
- Solid understanding of security frameworks and compliance standards
- Familiarity with IAM, secrets management, WAF, and Zero Trust principles
- Strong problem-solving and risk analysis skills
- Excellent collaboration and communication skills, with the ability to work across multiple teams
The Recruitment Process
Acknowledgement email once your application has been submitted.
Our Talent team will start reviewing your application. If unsuccessful, you will be notified.
If your application progresses to the next stage, our Talent team will be in touch to discuss your alignment with the role.
If you’re a person with an impairment or disability, this is an opportunity to share with us any accessibility requirements that you may have for the role.
Should you require any accommodations to the recruitment process, please email [email protected], and one of our team will contact you.
Interviews can happen virtually or face-to-face with the hiring manager or other members of the broader team. Depending on the role, there may be more than two interviews.
Communication of outcomes to successful and unsuccessful candidates and feedback provided.
*As part of our process, a police check will be conducted on all successful candidates*. Further details on our HUB24 Group Recruitment Privacy Collection notice can be found here.
2024 Circle Back Initiative Employer– we commit to respond to every applicant.
Endorsed by WORK180 , we are proud to be recognised as an employer of choice for women.
We have been nominated and placed on the BOSS Best Places to work list.
Seek Star Awards 2024 - Nominated as a finalist for the Best Employer Brand Initiative
HUB24 is an equal opportunity employer. We are committed to creating an inclusive environment where diverse perspectives are valued and every individual is treated with respect. We welcome applications from people of all backgrounds, including Aboriginal and Torres Strait Islander peoples, people with disabilities, people from culturally and linguistically diverse communities, and people of all gender identities and sexual orientations. If you require adjustments to the recruitment process or have accessibility requirements, please let us know – we’re here to support you