DevSecOps Team Lead
London, England, United Kingdom
BMLL
BMLL Technologies is the leading, independent provider of harmonised Level 3, 2 & 1 historical market data and analytics, covering global equities, ETFs…
About BMLL
We are the leading independent provider of harmonised Level 3 historical data and analytics to the world’s most sophisticated capital market participants. BMLL offers banks, brokers, asset managers, hedge funds and global exchange groups immediate and flexible access to the most granular Level 3, T+1 order book data and advanced analytics, enabling them to accelerate research, optimise trading strategies and generate alpha at unparalleled speed and scale.
BMLL is ISO 27001 certified, storing petabytes of market data on our AWS-based analytics platform. We deliver fast, reliable insights to clients across finance, helping them make data-driven decisions at scale.
Our culture is inclusive and highly collaborative, with a flat management structure that empowers our employees to get involved in decision making as we continue to grow and scale. We give all our employees share options so they participate in the growth and development of the business.
We offer a combination of remote and office (London based) working, weekly team lunches and plenty of office snacks!
For more information, please visit our website, www.bmlltech.com or visit our Twitter, @bmlltech or LinkedIn, @BMLL.
About the role:
We’re seeking an experienced DevSecOps Team Lead to build, guide and grow a high-performing DevSecOps function. You’ll own the secure evolution of our AWS cloud-native infrastructure, CI/CD pipelines and deployment practices—embedding security, reliability and operational excellence into every phase of development and deployment. As a hands-on leader, you’ll partner closely with Engineering, Platform and Security stakeholders to ensure DevSecOps drives business value, customer trust and peak cloud performance.
Key Responsibilities
Strategy & Technical Leadership
- Define and champion the DevSecOps roadmap, aligning infrastructure, security and engineering priorities.
- Set vision and standards for CI/CD (GitHub Actions, Terraform, JFrog) with built-in security (SAST, SCA, IaC scanning).
- Advocate AWS best practices (IAM, KMS, VPC security, GuardDuty, CloudTrail) and enforce Infrastructure-as-Code governance.
Infrastructure Ownership & Performance
- Architect, deploy, version (AMI/Docker), patch and govern AWS infrastructure end-to-end.
- Establish central IaC standards, approval workflows and formal change controls.
- Standardise monitoring and observability: dashboards, high-signal alerts and performance benchmarks (ECS/EKS, Fargate, GPU).
- Optimise costs and latency (warm container pools, VPC endpoints, tagging and governance).
Operational Security
- Govern a secure software supply chain: artifact management, vulnerability scanning and SBOM generation.
- Drive “shift-left” security—integrating secure patterns into developer workflows and CI/CD pipelines.
- Rapidly triage and remediate security alerts across build, cloud and runtime environments.
Team Leadership & Management
- Mentor & Develop: Provide clear direction, support and mentorship to a cross-functional team of DevOps and Security Engineers.
- Objectives & Reviews: Set and review individual/team objectives aligned to business goals; conduct regular 1:1s, performance reviews and development conversations.
- Culture & Inclusion: Foster a collaborative, psychologically safe environment that values open communication and continuous improvement.
- Skills & Growth: Identify skills gaps, plan training and career-development initiatives.
- Resourcing & Balance: Ensure appropriate team resourcing and balanced workloads, and act as the escalation point for conflicts or challenges.
- Cross-Functional Collaboration: Coordinate with other team leads on initiatives and resource planning.
- Best Practices: Champion DevSecOps ways of working and track KPIs (deployment frequency, lead time, failure rate, MTTR, security posture, capacity and cost efficiency).
Governance & Compliance
- Lead risk assessments for new technologies and deployment patterns.
- Partner with Compliance to support ISO 27001, SOC 2, DORA and other frameworks.
- Ensure all configurations are version-controlled, auditable and policy-compliant.
- Maintain and test Business Continuity and Disaster Recovery plans.
Requirements
What We’re Looking For
Essential
- Proven DevSecOps/DevOps leadership with full-lifecycle AWS infrastructure ownership.
- Hands-on AWS (IAM, VPC, GuardDuty, CloudTrail), CI/CD (GitHub Actions, Terraform, JFrog) and IaC governance.
- Deep application-security knowledge (OWASP, Secure SDLC, supply-chain risks).
- Scripting proficiency (Python, Go or Bash) and experience with scanning tools (Trivy, Grype, SonarQube).
- Expertise in GitOps, Policy-as-Code and compliance tooling.
Desirable
- AWS Security/DevOps certification.
- Regulated-industry experience (finance, healthcare).
- Container/Kubernetes/Fargate and autoscaling familiarity (ECS/EKS, Karpenter).
- Secret-management systems (Vault, Secrets Manager).
- Exposure to ISO 27001, SOC 2, DORA frameworks.
Leadership Competencies
- Vision & Strategy: Evangelise secure, performant DevSecOps roadmaps.
- Collaboration & Influence: Build strong partnerships across teams.
- Execution Excellence: Deliver reliable, auditable, optimised deployments.
- Continuous Improvement: Drive a culture of learning and innovation.
- Resilience & Ownership: Own outcomes through incidents and change.
- Customer Focus: Align practices to accelerate business value and user experience.
What We Offer
- Full influence over security, infrastructure and DevSecOps strategy.
- Opportunity to build and lead a modern, high-impact DevSecOps team.
- Cutting-edge tooling, fully automated pipelines and cloud environments.
- Collaborative culture, competitive salary, benefits and career progression.
Benefits
- Competitive salary
- 25 days holiday plus bank holidays
- Share Options after completion of probationary period
- Discretionary Bonus
- Pension Scheme
- Private Medical Insurance
- Work remotely abroad for up to 40 business days each year
- Life Insurance
- Combination of remote and London-based office working (2-3 days in office per week)
- A yearly wellbeing and physical activity budget
- Continuous learning through funded training and challenging projects
- Collaborative culture
- Weekly team lunches
- Free fruit, snacks and drinks provided throughout the day (when office based)
- Regular Team Socials
- Cycle to Work Scheme
We are an inclusive employer and welcome applicants from all backgrounds. We pride ourselves on our commitment to Equality and Diversity. We are committed to removing barriers throughout our hiring process. If you have any special requirements or require reasonable adjustments to help you access career opportunities at BMLL, please let us know at careers@bmlltech.com.
This JD may evolve over time. Additional responsibilities may be assigned as needed for the role’s scope and seniority.