At Spearhead Systems we believe in the delivery of professional IT services that help companies focus on their core business and not technology. We are excited to the bone about the delivery of IT services that help people and companies get things done.
Spearhead Systems is at the forefront of IT service delivery and digital transformation as a trusted technology partner in the evolving world of cloud and digital platforms. We are the engineers, developers and operators of spearhead.cloud, a specialised high-performance cloud and specialists in IT infrastructure & application monitoring and observability.
We are a managed public cloud provider delivering technical support and system administration services across our own cloud infrastructure, public cloud platforms (AWS, GCP, Azure) and customer-owned systems. We prioritise reliability, clarity and proactive operations.
We are looking for a DevSecOps Engineer to help integrate security best practices into our system administration processes, cloud operations and customer environments.
Responsibilities
Evaluate and improve the security posture of our managed cloud platform and customer deployments.
Define and enforce security best practices across Linux server administration, configuration management and automation.
Collaborate with system administrators and DevOps engineers to embed security into CI/CD pipelines and infrastructure-as-code.
Implement or enhance monitoring, vulnerability management, log auditing and incident response workflows.
Review and improve IAM, firewall configurations, VPN access and SSH policies across internal and customer systems.
Guide and document the adoption of security baselines (CIS benchmarks, NIST, etc.) for Linux, public cloud and networking.
Stay current with emerging threats and ensure our configurations and workflows adapt accordingly.
Requirements
3+ years' experience in system administration, DevOps, or cloud infrastructure roles with a focus on security.
Strong understanding of Linux systems, networking and common cloud services (AWS, GCP, Azure or OpenStack).
Experience with infrastructure-as-code tools (e.g., Ansible, Terraform) and CI/CD platforms (e.g., GitLab CI, Jenkins).
Familiarity with common security standards (CIS, NIST) and tools (OSSEC/Wazuh, Falco, CrowdSec, Lynis).
Comfortable performing audits, reviews and risk assessments of cloud and on-premises environments.
Excellent documentation and communication skills in English.
Nice to have
Experience with container security (e.g., Docker, Kubernetes, PodSecurityPolicies).
Familiarity with compliance frameworks (ISO 27001, SOC2).
Experience hardening Apache/PHP, MySQL and open-source stacks.
Why Join Us?
- Help shape the security foundation of a growing cloud platform and support service.
- Autonomy, ownership and the ability to influence policy and direction.
- Collaborative environment with a focus on practical, human-centred technology.
What we offer
Our success depends on the effort of individual employees and at Spearhead you can see your impact immediately. You can make a real contribution to the success of the company.
Perks
Attractive salary package.
Meal Tickets, Medical Insurance, Office Events.
Trainings
Opportunities to grow and learn top technologies.
Opportunity to build a purposeful career in the delivery of essential IT services and products, to a global market.
Quiet Office Space
Quiet location, easily accessible via public transport.