Outside IR35, DevSecOps Engineer, Azure, AWS, Best practice, Regulatory Environment background, Mobile Application, Web Application, Greenfield Build, London + West Midlands. We are seeking a Senior DevSecOps Engineer to lead governance, architecture guidance, and assurance for Greenfield Web Application build across infrastructure security, Microsoft Azure, AWS, Kubernetes and key SaaS platforms. This role is pivotal in shaping technical blueprints, setting security standards, and ensuring regulatory compliance with Cyber Essentials Plus, ISO 27001, and Zero Trust principles. You will act as the glue between IT and platform teams to embed best practices, validate implementations, and support audit readiness across IaaS, PaaS, and SaaS environments. Key Responsibilities Define and maintain multi-cloud security standards and reference blueprints (e.g. Azure Policy/Initiatives, AWS Control Tower/SCPs) Own security architecture patterns and contribute to HLD/LLD, threat models, and risk assessments Set assurance criteria and control evidence requirements for internal teams and third-party vendors Establish policy-as-code requirements and maintain an exceptions register with expiry and risk ownership Define identity and access control standards (Entra ID Conditional Access, MFA, PIM; AWS IAM federation) Govern SaaS security onboarding (SSO, OAuth governance, DL...