Lead DevSecOps Engineer
About Arondite
Arondite enables organisations to wield autonomy, data and AI at scale. We equip operators with the foundational software to orchestrate their mix of platforms and capabilities, and then take mission-critical decisions faster than their adversaries.
We exist to ensure the UK and its allies out-think, out-pace and out-adapt those who seek to threaten our values and way of life. Our technology is designed for deployment in the world’s most austere environments, and is relied upon by the world’s most demanding operators. We deploy alongside them, bringing our technical expertise wherever it is needed.
You will join Arondite at a pivotal moment in the company’s journey. We are ambitious, building for the long-term and backed by globally renowned investors including Index Ventures (Anthropic, Wiz, Figma, Revolut). Our company is being built by exceptional engineers - people who find high-impact and technically challenging work engaging and exciting, and who consistently deliver outsized impact. You will collaborate with other brilliant minds to solve some of the world’s hardest and most important problems.
You will have ownership and autonomy from Day One. There is no corporate ladder at Arondite. From your first day, you will directly influence the design, functionality, and direction of Arondite’s product offering. We hire the best people and give them extremely high levels of autonomy; the sky is the limit for an individual with the right ambition.
If you are motivated by our mission and if you want to be part of a growing team of outstanding people, then we want to hear from you.
About the role
As Lead DevSecOps Engineer at Arondite you will be driving platform engineering and developer experience. You will take full ownership of our internal development ecosystem, evolving it into a secure, robust, self-service platform that abstracts infrastructure complexity. You will design and maintain the "Golden Path": the standardized, automated route from local code to a production-ready state. You will need to be versatile and view infrastructure as a product, with our internal developers as your primary customers.
Being a lead at an early stage company will mean building a team to continue delivering and improving the capabilities as we scale. You will need to engage with stakeholders to build a DevSecOps roadmap, and you will set the technical direction in order to deliver the required outcomes. You will also support and mentor less experienced engineers by reviewing their outputs and giving them feedback.
Your responsibilities will include:
- Taking end-to-end ownership of the internal developer platform, identifying bottlenecks in the secure software development lifecycle and building automated solutions to resolve them.
- Architecting and evolving standardized deployment patterns that bake in security, compliance, and observability, allowing product teams to focus on delivering customer functionality.
- Ensuring high availability, performance, and seamless integration of our self-hosted engineering suite (GitLab) with the wider ecosystem.
- Managing infrastructure-as-code practices and tooling to deliver version-controlled, auditable, and reproducible infrastructure
- Driving the adoption of modern deployment methodologies (such as GitOps) to ensure declarative, reproducible, and audited state management across all environments.
- Owning automated security tooling (e.g. SAST, DAST, dependency scanning, container scanning, and secrets detection) to deliver security audit evidence for the platform
Requirements
Arondite aims to bring together individuals from diverse backgrounds and with different perspectives. We therefore don’t expect people to have experience across every area of the requirements. Please apply even if you only partially fulfil the following lists.
You should have:
- 3+ years of experience building or scaling internal developer platforms or sophisticated CI/CD ecosystems
- Deep understanding of cloud-native primitives (Compute, Networking, Storage) and the ability to implement them across different providers or hybrid environments
- Proven ability to manage container orchestration at scale, focusing on abstracting complexity for end-users rather than just "managing clusters."
- Expert-level proficiency in declarative configuration management and modular Infrastructure as Code design (e.g., Terraform, OpenTofu, or Pulumi)
- Strong competency in scripting or systems programming (Python, Go, or Bash) to glue disparate systems into a unified platform
- Evidence of delivering security compliance (e.g. UK government ‘Secure by Design’) as a key component of development tooling
Ideally, you would also have:
This is not an additional list of requirements; this reflects the tech stack currently used at Arondite; any experience in these areas is a bonus
- Experience maintaining and scaling critical engineering tools (e.g., GitLab, Artifactory, or SonarQube) at the enterprise level, including backup/restore and high-availability strategies
- Proven experience migrating workloads between platforms (e.g., EC2 to EKS, or cross-cloud) with a focus on data integrity and minimal downtime
- Ability to implement standardized telemetry pipelines (e.g., OpenTelemetry, Prometheus, or ELK) that provide developers with out-of-the-box visibility into their services
- Familiarity with automated policy enforcement and compliance-as-code (e.g., OPA, Kyverno, or AWS Config) to maintain compliance without manual intervention
- Experience implementing automated cost-attribution and rightsizing logic to ensure the platform remains economically sustainable as it scales
- Knowledge of service mesh architectures such as Istio or Linkerd, for traffic management and mTLS
- Experience with deploying software to classified environments and/or meeting UK Government security requirements
Right to Work
We require that all candidates have an existing Right to Work in the UK at the time of application.
Security clearance
We believe in working closely with defence customers. As a result, this role will require the individual to hold a clearance or be willing to undergo UK security vetting to Security Check (SC) or above. This normally requires having continuous residency in the UK for at least 5 years.
Office vs Hybrid working
We are focused on building a positive, collaborative engineering-driven culture. We therefore believe in making the office a friendly, comfortable and fun place to be, and we try to work from the office where possible. Of course, there are times when it makes sense for you to work from home and that's OK. You may also need to travel to visit customers, depending on your role. But in general you should only apply to join Arondite if you're excited to come into the office and work in person by default.
Application process
Generally, our interview process is comprised of the following stages:
- CV submission with initial questions
- Introductory Teams call (30-45 mins)
- In-person technical interview (1-2 hours)
- Final interview with one of Arondite’s Founders (30 mins)
Benefits
- Highly competitive base salary
- Generous equity in EMI share options in a well-funded and growing startup
- 7% employer pension contribution
- Free meals in the office every day
- Private health and dental insurance, with opt-in cover for dependents
- Cycle to work scheme
- Relocation support
- Access to any resources, equipment and training that you need to do your job in a world-class way