Senior DevSecOps Engineer - Pathogen

The Ellison Institute of Technology (EIT) tackles humanity's greatest challenges by turning science and technology into impactful global solutions. Focused on areas like health, food security, sustainable agriculture, climate change, clean energy, and robotics in an era of artificial intelligence. EIT blends groundbreaking research with practical applications to deliver lasting results.

A cornerstone of EIT mission is its upcoming 300,000-square-foot research facility at the Oxford Science Park, set to open in 2027. This cutting-edge campus will feature advanced labs, an oncology and preventative care clinic, and collaborative spaces to strengthen its partnership with the University of Oxford. It will also host the Ellison Scholars, driving innovation for societal benefit.

The Pathogen Mission highlights EIT's transformative approach, using Whole Genome Sequencing (WGS) and Oracle's cloud technology to create a global pathogen metagenomics system. This initiative aims to improve diagnostics, provide early epidemic warnings, and guide treatments by profiling antimicrobial resistance. The goal is to deliver certified diagnostic tools for widespread use in labs, hospitals, and public health.

EIT fosters a culture of collaboration, innovation, and resilience, valuing diverse expertise to drive sustainable solutions to humanity's enduring challenges.

We are looking for a Senior DevSecOps Engineer to join the Pathogen Programme at EIT. In this role, you'll help ensure our data platform is built to the highest standards, with a strong emphasis on automation across the development lifecycle.

You'll work closely with engineers to deploy data pipelines and platform features, and support bioinformaticians in building and deploying their workflows. You'll be responsible for maintaining infrastructure, designing secure automation pipelines, managing cloud environments, and ensuring security and compliance.

You'll collaborate with cross-functional teams, data engineers, backend, and full-stack developers, to build robust, automated deployment pipelines across our environments.

Key Responsibilities

• Design, implement, and maintain secure cloud infrastructure using Oracle Cloud Infrastructure (OCI).
• Develop and manage Infrastructure as Code (IaC) with tools like Terraform to enable secure, repeatable deployments.
• Implement and manage CI/CD pipelines, focusing on automated security testing, deployment, and monitoring.
• Ensure all aspects of the data platform OCI infrastructure, data ingest pipelines, tool deployments, access controls, and monitoring are developed, tested, and deployed using automation best practices.

• Support bioinformaticians in building pipelines that are secure by design, version-controlled, and deployed through automated workflows.

• Collaborate with engineering teams to embed security throughout the development lifecycle.
• Automate vulnerability assessments to proactively identify and mitigate risks.
• Work closely with the security team to integrate best practices into new and existing features.
• Ensure compliance with security standards and regulations (e.g., ISO 27001, SOC 2).
• Implement monitoring solutions to detect and respond to real-time security incidents.
• Troubleshoot infrastructure and security issues, performing root cause analysis in production.
• Mentor junior engineers in security best practices and DevOps approaches.
• Collaborate with technical leads to enhance internal workflows and security processes.

Requirements

Essential Knowledge, Skills and Experience:

• Hands-on experience with cloud infrastructure, ideally Oracle Cloud (OCI), including provisioning, configuration, and service management.
• Proficient with Terraform or similar IaC tools.
• Skilled in implementing and maintaining CI/CD pipelines (e.g., GitHub Actions), especially with automated security testing.
• Strong knowledge of containerisation (e.g., Docker) and orchestration (e.g., Kubernetes).
• Deep understanding of cloud security principles: IAM, network security, encryption.
• Experience with monitoring/alerting tools (e.g., Prometheus, Grafana, ELK stack).
• Proficient in Git or other version control systems.

Desirable Knowledge, Skills and Experience:

• Certifications in OCI or other cloud platforms (AWS, GCP).
• Experience with security tools like OWASP ZAP, Burp Suite, etc.
• Familiarity with Jira, Confluence, or similar tools.
• Knowledge of compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, ISO 13485).
• Background in start-up or scale-up environments is a plus.

Key Attributes:

• Strong collaboration skills.
• Eagerness to learn and upskill in new technologies.
• Proactive and hands-on with exploring new tools and developing POCs.
• Excellent problem-solving and critical thinking, especially around security.
• Effective communicator and team player across functions.
• Able to manage multiple tasks and deadlines in a dynamic environment.
• Detail-oriented with a strong commitment to security and quality.
• Adaptable and ready to contribute in a fast-scaling organisation.

Benefits

We offer the following salary and benefits:

• Salary: Competitive salary on offer
• Enhanced holiday pay
• Pension
• Life Assurance
• Income Protection
• Private Medical Insurance
• Hospital Cash Plan
• Therapy Services
• Perk Box
• Electrical Car Scheme

Why work for EIT:

At the Ellison Institute, we believe a collaborative, inclusive team is key to our success. We are building a supportive environment where creative risks are encouraged, and everyone feels heard. Valuing emotional intelligence, empathy, respect, and resilience, we encourage people to be curious and to have a shared commitment to excellence. Join us and make an impact!

Terms of Appointment:

• You must have the right to work permanently in the UK with a willingness to travel as necessary.
• You will live in, or within easy commuting distance of, Oxford.
• During peak periods, some longer hours may be required and some working across multiple time zones due to the global nature of the programme.