Job Search

DevSecOps Engineer

Contract

Location: Remote / Hybrid (London-based gaming studio)
Contract Length: 6-12 months
Start Date: ASAP
Rate: Competitive

About the Role

Our client, a leading gaming company, is seeking an experienced DevSecOps Engineer Contractor to support a major merger and acquisition (M&A) initiative. The organisation has recently acquired another studio with a completely different technology estate. As the two environments integrate, the business needs a specialist who can embed security into CI/CD pipelines, standardise tooling, and ensure strong security controls across hybrid infrastructures.

This is a hands‑on role focused on building secure automation, improving platform resilience, and establishing unified DevSecOps practices during the integration.

Key Responsibilities

M&A Integration & Security Standardisation

Assess and compare DevOps toolchains and security practices across both legacy and acquired environments.Support the consolidation and integration of CI/CD pipelines, deployment tooling, and secure automation.Align build, release, and security processes with the parent company's standards.Recommend and implement standardised DevSecOps frameworks to support a unified engineering environment.

Secure CI/CD Engineering

Embed automated security checks into CI/CD pipelines (SAST, SCA, DAST, IaC scanning).Build or enhance automated pipelines for secure builds, test, and deployment workflows.Integrate security tooling into version control, build systems, and container platforms.

Cloud & Infrastructure Security

Improve security posture across cloud platforms (AWS, Azure, or GCP depending on estate).Harden Kubernetes, container runtimes, and infrastructure-as-code deployments.Support secure configuration baselines, IAM policies, and secrets management.Ensure logging, monitoring, and telemetry from both environments is consistent and actionable.

Operational Support & Incident Response

Assist with vulnerability management, remediation, and automated patching workflows.Support incident investigations related to pipeline failures, insecure configurations, or cloud misconfigurations.Troubleshoot complex issues in multi-environment infrastructures during the M&A transition.

Documentation & Knowledge Sharing

Produce clear, high-quality documentation for new pipelines, security controls, and DevSecOps processes.Provide knowledge transfer to existing DevOps and security engineers as new standards are adopted.Contribute to the creation of unified security and automation guidelines across the merged business.

Technical Skills & Experience

Essential

5-10 years' experience in DevSecOps, Cloud Security Engineering, or Secure Platform Engineering.Strong hands-on skills in:CI/CD platforms (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, etc.)Cloud platforms (AWS, Azure, or GCP)Kubernetes, Docker, Helm, and container security best practicesInfrastructure-as-code (Terraform, Pulumi, CloudFormation)Secrets management (Vault, AWS Secrets Manager, Azure Key Vault)Security tools such as Snyk, Prisma, SonarQube, Aqua, Twistlock, or similarExperience of operating in hybrid cloud, multi‑environment scenarios.Track record of supporting or leading integration efforts during acquisitions or large estate transformations.

Desirable

Exposure to gaming industry or high‑performance computing workflows.Experience with service mesh, API gateways, or distributed microservices security.Familiarity with SIEM/SOAR environments and automated remediation patterns.Certifications: AWS Security/SysOps, Azure Security Engineer, CKS, CISSP, or similar.

GCS is acting as an Employment Business in relation to this vacancy.

Read less

Application Security Engineer

ZZP / Freelance

Industry: AAA Gaming Studio
Location: Fully Remote (Netherlands)
Contract Length: 12-18 months

About the Role

A fast‑growing gaming studio is looking for an Application Security Engineer to embed secure development practices into their high‑velocity game and platform engineering teams. You'll help secure game engines, back‑end services, and player‑facing APIs used by millions worldwide.

Key Responsibilities

Conduct secure code reviews and help dev teams fix vulnerabilities.Integrate SAST, SCA, and DAST tools into build pipelines.Perform threat modelling on gameplay features and backend microservices.Respond to application‑level vulnerabilities and guide remediation efforts.Promote a developer‑friendly security culture within the studio.

Skills & Experience

Strong experience with modern languages (C++, C#, Go, Python).Solid understanding of CI/CD security and cloud-native app security.Gaming sector experience is a bonus, not a requirement.

GCS is acting as an Employment Business in relation to this vacancy.

Read less

Role: Cloud Security Assessment Specialist - B2B

Duration: 6-month rolling contract

Working Pattern: Krakow, Hybrid (handful of days per month)

GCS Cyber are partnered with a global financial services organisation as they continue to strengthen their Cloud Security Assessment function. This role focuses on ensuring cloud‑hosted services meet mandatory security controls before moving into production. You'll act as a senior cloud security specialist, providing assurance, consultancy, and oversight across complex multi‑cloud environments.

What you'll be doing:

Executing Cloud Security Assessment reviews for cloud‑hosted services and managing reviews raisedProviding cloud security consultancy to engineering and application teams, supporting secure design and smooth transition into production.Assessing and applying cloud security controls, ensuring alignment with HSBC standards and regulatory expectations.Driving continuous improvement across assessment processes, including automation, data‑driven insights, and capability uplift.

Must have:

Strong hands‑on experience with Google Cloud Platform AWS, plus exposure to at least one additional cloud platform (Azure or Alibaba Cloud).Solid understanding of cloud security controls, risk, and control frameworks.Working knowledge of scripting and tooling such as Python, Bash, PowerShell, SQL etc…Excellent stakeholder management and communication skills, with the ability to influence across global technology and business teams.

To find out more, please apply now or send a copy of your CV to [email protected]

GCS is acting as an Employment Business in relation to this vacancy.

Read less

Role: Cyber Threat and Controls Consultant - B2B

Duration: 6-month rolling contract

Working Pattern: Krakow, Hybrid (handful of days per month)

GCS Cyber are partnered with a global financial services organisation undergoing multiple large-scale transformation programmes across their Cyber Security division.

In this role you will perform threat and control assessments across the business, you'll partner with architects, developers and cloud specialists across the business to review designs, challenge assumptions, and ensure services are built with strong security foundations. You'll also contribute to improving the threat‑assessment process, sharing your expertise across a global community and helping uplift security practices across the organisation.

Must have:

Strong understanding of modern security principles and the ability to break down how systems really work under the hoodHands‑on background in identifying weaknesses, misconfigurations or attack paths across applications, infrastructure or integrated servicesFamiliarity with recognised analysis frameworks (e.g., threat identification or attack‑pattern libraries) and able to translate findings into clear, meaningful risk language

To find out more, please apply now or send a copy of your CV to [email protected]

GCS is acting as an Employment Business in relation to this vacancy.

Read less