Sky
Associate DevSecOps Consultant
We believe in better. And we make it happen.
Better content. Better products. And better careers.
Working in Tech, Product or Data at Sky is about building the next and the new. From broadband to broadcast, streaming to mobile, SkyQ to Sky Glass, we never stand still. We optimise and innovate.
We turn big ideas into the products, content and services millions of people love.
And we do it all right here at Sky.
As an Associate DevSecOps Consultant, you will support the embedding of software security practices into the software development lifecycle (SDLC). Working closely with developers, engineering, and platform teams, you will help ensure that approved security tooling is adopted effectively and that teams follow Sky’s secure-by-design (“secure path”) approach to building and running software that is resilient to modern threats.
What you'll do
Support the integration of approved software security tooling into the SDLC by working with engineering teams across design, development, and deployment phases.
Participate in developer and engineering workshops to raise awareness of available security tooling, processes, and capabilities.
Contribute to workshops focused on common application security vulnerabilities and recommended mitigations.
Assist in driving automation within the DevSecOps team to improve security observability, monitoring, and operational efficiency.
Collaborate with wider security functions (e.g. Security Remediation, Threat Intelligence, Threat Modelling) to promote secure software practices.
Contribute to application security activities such as code reviews and vulnerability analysis within the context of Sky’s technology landscape.
Work alongside developers to encourage secure coding practices and support improvements in overall security maturity.
Support the day-to-day maintenance and operation of application security tooling, including SAST, SCA, and secrets scanning solutions.
Contribute to the development and maintenance of security standards, patterns, and guardrails for engineering teams.
Please note: this role is driven by business demand, and occasional out-of-hours support may be required, as well as other duties as assigned.
What you'll bring
A foundational understanding of software development concepts and the software development lifecycle (SDLC) including testing and security stages.
Basic knowledge of application security principles and common vulnerabilities (e.g. OWASP Top 10).
Production/Enterprise experience with at least one programming or scripting language (e.g. Java, JavaScript, Python, or similar).
Awareness of what application security tooling does such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), and secrets scanning.
Basic understanding of how modern applications are built and deployed (e.g. APIs, cloud-native services, CI/CD pipelines).
Strong communication skills, with the ability to explain security concepts clearly to developers and engineers.
A willingness to learn, self-develop, and stay up to date with emerging application security threats and best practices.
Ability to work collaboratively in a team-oriented environment and engage positively with a wide range of stakeholders.
Team overview
Global Cyber Security – Product Security
Our products, platforms and technologies are constantly evolving. That's why keeping Sky safe from cyber-attacks is one of our top priorities. Our Cyber Security team helps the business grow while protecting our customers, colleagues and partners from increasingly sophisticated cyber threats. Our team includes Cyber Fusion Centre, Security Services, Risk and Compliance, Programme Delivery and Business Security, and we work across the UK, Italy and Germany. Join us and you’ll get involved in tackling challenges and future threats in an ever-changing cyber landscape.
This is an exciting opportunity to join the DevSecOps function at Sky as we continue to scale our platforms and services across streaming, broadcast, and digital products. We are expanding our UK-based DevSecOps capability within the Global Product Security organisation to ensure software security is embedded by default across Sky and Comcast’s engineering estate.
The rewards
There's one thing people can't stop talking about when it comes to #LifeAtSky: the perks. Here’s a taster:
- Sky Q, for the TV you love all in one place
- The magic of Sky Glass at an exclusive rate
- A generous pension package
- Private healthcare
- Discounted mobile and broadband
- A wide range of Sky VIP rewards and experiences
Inclusion & how you'll work
We are a Disability Confident Employer, and welcome and encourage applications from all candidates. We will look to ensure a fair and consistent experience for all, and will make reasonable adjustments to support you where appropriate. Please flag any adjustments you need to your recruiter as early as you can.
We’ve embraced hybrid working and split our time between unique office spaces and the convenience of working from home. You’ll find out more about what hybrid working looks like for your role later on in the recruitment process.
Your office space
Osterley
Our Osterley Campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Gunnersbury, Ealing Broadway and South Ealing tube stations. There are also plenty of bike shelters and showers.
On campus, you’ll find 13 subsidised restaurants, cafes, and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed, and even get pampered at our beauty salon.
Brick Lane
Brick Lane is in the heart of the East End of London. It's part of a vibrant and diverse community; close to street food, cafes and shops. The closest tube station is Aldgate East and Liverpool Street is about a 10 minute walk.
We'd love to hear from you
Inventive, forward-thinking minds come together to work in Tech, Product and Data at Sky. It’s a place where you can explore what if, how far, and what next.
But better doesn’t stop at what we do, it’s how we do it, too. We embrace each other’s differences. We support our community and contribute to a sustainable future for our business and the planet.
If you believe in better, we’ll back you all the way.
Just so you know: if your application is successful, we’ll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer.