DevOps Engineer (Security focus)

At the heart of everything we do is our vision to change lives every day, and our mission to grow The National Lottery responsibly and champion its impact.

We are Allwyn UK, part of the Allwyn Entertainment Group – a multi-national lottery operator with a market-leading presence across Europe which includes: Czech Republic, Austria, Greece, Cyprus & Italy, and the US.

While the main contribution of The National Lottery to society is through the funds to good causes, at Allwyn we put our purpose and values at the heart of everything we do. Join us as we embark on a once-in-a-lifetime, largescale transformation journey by creating a National Lottery that delivers more money to good causes.

We’ll talk a bit more about us further down the page, but for now – let’s talk about the role and who we’re looking for…

If you need any assistance or adjustments to this job description or in the application process, please contact a member of the talent team at View email address on apply.workable.com and we’ll be happy to help.

A bit about the role

As Allwyn transitions most of its technology services from on premise into a multi-cloud environment, Cloud Security becomes critically important to ensure our core services and gaming platforms are safe.

The DevOps engineer is the dedicated DevOps specialist focused on prioritising and resolving security defects and vulnerabilities across cloud platforms and application pipelines.

The role acts as the technical bridge between Cloud Engineering and the Security Operation Centre (SOC), Enterprise Security and Cyber Defence teams. The DevOps Engineer ensures that cloud infrastructure and delivery pipelines in AWS and Azure are Secure by Design, automating remediation where possible and embedding security controls into infrastructure as code (IaC) and CI/CD pipelines. You will champion secure engineering practices ensuring both speed of delivery and robust security posture across all environments

What you’ll be doing

• Monitor, triage and remediate vulnerabilities across applications, cloud workloads, containers, CI/CD pipelines and IaC repositories
• Work closely with SOC, Enterprise Security and Cyber Defence teams to respond to active and emerging threats ensuring rapid technical remediation
• Integrate security tooling into CI/CD pipelines including container scanning and secret scanning
• Maintain and improve IaC security posture using Terraform and ensure compliance with security baselines and guardrails
• Automate security checks and enforcement using policy as code, security scanners and cloud native services
• Support threat modelling and secure solution design with engineering teams
• Own vulnerability management workflows and ensure timely remediation in line with risk and audit expectations
• Implement and maintain cloud security configurations (IAM, key management, WAF security groups, logging and monitoring)
• Produce technical documentation, runbooks and remediation guidance for engineering teams
• Work with product and engineering teams to embed security into development standards
• Create and enforce governance policies

What experience we’re looking for

• 3-5+ years hands-on experience in DevOps, platform engineering or DevSecOps role
• Strong development background with the ability to build automation and tooling for security remediation
• Strong infrastructure as code experience using Terraform across AWS and Azure
• Deep understanding of cloud security principles, identity and access controls, network security and container security in AWS and Azure
• Experience integrating and managing security controls
• Solid understanding of CI/CD pipelines including GitHub Actions
• Practical experience with vulnerability management, threat remediation and working with the Security Operating Centre and Cyber teams
• Strong understanding of modern application architectures
• Demonstrated ability to keep up with rapidly evolving cloud technologies

Key Measures of Success:

• Reduction in critical and high-risk vulnerabilities within agreed SLAs, cloud and application environments
• Improved security posture as measured by cloud security benchmarks, IaC scanning results and automated policy compliance
• Effective collaboration and faster incident response with SOC, Enterprise Security and Cyber Defence teams
• Automation coverage increased, reducing manual remediation effort and improving consistency
• Secure pipelines, evidence by adoption of scanning tools and zero high or critical findings reaching production
• Positive feedback from engineering teams regarding clarity, support and quality of security guidance
• Audit and compliance targets met with no major findings related to DevOps or Cloud security practices

About us

At Allwyn, we are dedicated to changing lives and growing the National Lottery responsibly, championing its positive impact on people, places, and the planet.

• Innovation - We pride ourselves on it! We’re constantly looking for new ways to excite our customers, bringing new products to market to enjoy which is all supported by our responsible play values and making them accessible to all.
• Giving back – Did you know that playing the lottery generates around £30m a week for charities and good causes in the UK? Our aim is to have doubled this number by the end of the first 10-year license
• Sustainability – Our aim is to become a net zero national lottery. We have 2030 targets to decarbonise our operations and energy. We’ve already transitioned to renewable energy providers, made our London and Watford offices zero gas, and ensured our fleet consists of low-emission vehicles. In addition, we’re working with our value chain partners to develop a net zero target date.
• Empowering every voice – We believe in creating a culture where everyone feels they belong, can be themselves, has access to opportunities and can thrive for the benefit of good causes. Our diverse teams are working hard to make all parts of The National Lottery inclusive – whether people play a game in a store or online- - because when everyone can play, everyone wins.

Our people are more than colleagues - they’re winners, driving positive change and making a real difference in communities.

We are a Disability Confident Leader which means we’ve taken proactive steps to ensure our workplace is accessible and inclusive for disabled and neurodivergent colleagues and candidates. As part of this we offer an interview to disabled applicants who meet the essential requirements of the job.

An inclusive reward offering with wellbeing at the centre

At Allwyn, inclusion is built into how we care for our people. Our benefits and policies support colleagues—and their families—at every stage of life and career. By prioritising wellbeing and belonging, we create a workplace where everyone feels valued, rewarded, and empowered to succeed.

BENEFITS

Our benefits are built to support you at every stage of life. From wellbeing and financial security to enjoying more of what you love, our benefit offerings help you thrive at work and at home.

• Company Bonus Scheme
• Matched pension contributions up to 8.5%
• 26 days annual leave + 2 Life Days (and bank holidays)
• Single Private Health Cover
• Complimentary Private Medical
• Income Protection
• Flexible Benefits – EV Scheme, Money Coach, Will Writing, Mortgage Advice, Dental and Eye Care Schemes.
• Enhanced Family Leave (Maternity, Paternity, Adoption)
• Wellness Allowance £500
• Employee Assistance Programme
• Discounted Health Assessments
• Volunteering Days
• Matched Funding