Head Of Security & Devops

Head Of Security & DevOps

Our client is seeking a Head of Security & DevOps to take full ownership of the organisation's security posture and infrastructure reliability end-to-end. This senior leadership role is responsible for safeguarding player funds, strengthening cloud infrastructure, and developing DevOps practices that ensure the platform remains fast, highly available, and resilient at scale.

The successful candidate will lead a team of security and infrastructure engineers, collaborate closely with product and software engineering teams, and act as the executive point of contact for security incidents, compliance audits, and infrastructure strategy. This role requires a hands-on approach to both security and DevOps systems.

Key Responsibilities

Information Security Strategy & Governance

• Develop, implement, and maintain the organisation's information security strategy and cybersecurity framework.
• Establish security policies, standards, and governance structures to protect systems, infrastructure, and data assets.
• Ensure alignment of security practices with operational objectives and the broader technology roadmap.

DevOps & Infrastructure

• Own the reliability and scalability of the organisation's cloud infrastructure, including container orchestration, CI/CD pipelines, observability, and disaster recovery.
• Design and maintain infrastructure-as-code (IaC) across AWS or equivalent cloud platforms, ensuring reproducibility, auditability, and least-privilege access.
• Build and optimise CI/CD pipelines to enable fast and secure deployments, including Docker build caching, multi-stage builds, and automated testing gates.
• Establish SLOs, SLIs, and error budgets, while leading incident management and on-call practices.
• Architect and maintain disaster recovery and business continuity plans, including cross-region failover and backup strategies.
• Drive cloud cost optimisation while maintaining high performance and security standards.

Cybersecurity Risk Management

• Identify, assess, and manage cybersecurity risks across the organisation's technology environment.
• Implement risk mitigation strategies and security controls to protect critical infrastructure and digital assets.
• Monitor emerging cyber threats and vulnerabilities that could impact operations or infrastructure.

Security Operations & Incident Response

• Oversee monitoring, detection, and response processes for cybersecurity incidents and vulnerabilities.
• Coordinate incident response activities, ensuring proper investigation, containment, and remediation.
• Support the development and maintenance of incident response plans and procedures.

Digital Asset & Platform Security

• Oversee security frameworks related to digital assets, wallets, and transaction infrastructure where applicable.
• Support safeguards that protect wallet systems, transaction flows, and overall platform integrity.
• Collaborate with Risk, Fraud, and Product teams to strengthen controls against abuse, account compromise, and system manipulation.

Compliance & Regulatory Alignment

• Ensure alignment with relevant regulatory obligations, compliance requirements, and industry standards.
• Support internal and external audits, risk assessments, and compliance reviews.
• Maintain oversight of data protection, security controls, and governance frameworks.

Security Awareness & Continuous Improvement

• Promote a strong culture of security awareness through training, guidance, and knowledge-sharing initiatives.
• Identify opportunities to enhance the organisation's cybersecurity posture through improved tools, processes, and practices.

Requirements

• Proven experience in a senior security, DevOps, or infrastructure leadership role.
• Strong hands-on expertise with cloud platforms such as AWS (or equivalent), including architecture, security, and cost optimisation.
• Demonstrated experience building and managing CI/CD pipelines and infrastructure-as-code (e.g. Terraform, CloudFormation).
• Deep understanding of modern security practices, including risk management, incident response, and vulnerability management.
• Experience leading and scaling high-performing engineering or security teams.
• Solid knowledge of containerisation and orchestration technologies (e.g. Docker, Kubernetes).
• Familiarity with observability tools, monitoring systems, and incident management processes.
• Experience with disaster recovery planning, business continuity, and high-availability systems.
• Strong understanding of compliance frameworks and regulatory requirements relevant to online platforms (e.g. ISO 27001, GDPR).
• Exposure to digital asset or crypto security is considered a strong advantage.
• Excellent stakeholder management skills, with the ability to work cross-functionally across engineering, product, and risk teams.
• Strong communication and leadership skills, with the ability to operate at both strategic and hands-on levels.
• Experience working with Crypto Casinos is a plus.