Senior DevSecOps Engineer

Location: Remote (UK)
The Role
We are looking for a Senior DevSecOps Engineer who brings security thinking, platform reliability, and an automation mindset to how we build and deploy AI software systems. You will integrate security into the entire software development lifecycle (SDLC) by embedding security practices, tools, and automation directly into DevOps workflows (CI/CD pipelines) to build, test, and deploy secure applications faster.
You will be the second member of the DevOps team along with a Junior DevOps engineer directly managed by the Senior Manager (ex-CTO at Springbok). This is a very important function to our team and is likely to expand in the future. As the first dedicated Senior team member within this function, you will have the opportunity to progress and shape your role.
You will be expected to interface with other departments like Infosec and IT, balancing the operational needs of the team with robust protection against threats and compliance. You will negotiate and advocate for process improvements to benefit the development team. You will be the first point of contact for queries related to our software operations and security footprint.
About Springbok, by Cleary Gottlieb
Springbok, by Cleary Gottlieb, is where cutting-edge AI meets elite legal expertise.
We build agentic AI workflows, automation systems, and legal intelligence tooling that lawyers actually use in real work. We move fast, iterate collaboratively, and value autonomy, clarity, and thoughtful engineering.
The Team
You will join the Springbok team. This is an internal development team within Cleary that creates bespoke AI solutions for the firm utilizing our software development and data science capabilities. We regularly collaborate with the Cleary Infrastructure and InfoSec teams, and you will be acting as our representative in discussions with them.
We are a tight-knit, remote-first team that values ownership, honesty, and curiosity. We work collaboratively across disciplines — engineering, data science, legal domain experts, and product — to deliver meaningful impact.
The team is already handling the tasks outlined for this role and has solid process understanding. You will join to take over and consolidate responsibilities from our engineers, allowing them to focus more on rapid software delivery and putting the team on the front foot, ready for expansion and additional challenges across the broader Firm.
Main Responsibilities:
- Design, implement and maintain secure-by-default cloud and application infrastructure
- Define, implement and improve CI/CD pipelines that support rapid, safe deployment of AI applications and services, embedding security checks (SAST, DAST, SCA) throughout the development lifecycle
- Maintain a secure container-based sandbox environment on behalf of our Data Science team
- Conduct threat modelling and risk assessment to identify potential threats and design controls to mitigate them early in the development process
- Implement security automation for testing, scanning, vulnerability management, and remediation
- Own secrets, identity, and access management patterns, ensuring strong least-privilege principles and rotation practices
- Define and continuously improve monitoring, observability, and reliability standards across the platform
- Design resilience and disaster recovery strategies, including backup validation and restoration testing
- Ensure adherence to compliance standards (ISO, SOC 2) and regulations, contributing to auditability and compliance-by-design for a legal domain environment
- Participate in security incident analysis and remediation planning
- Collaborate with engineers and data scientists to provide security guidance on design decisions and platform architecture, serving as a liaison between development, InfoSec and infrastructure teams
Skills and Competencies:
- Cloud platforms (AWS required, Azure nice to have)
- Infrastructure as Code (Terraform required)
- Familiarity with software development, including design patterns, languages and frameworks (We use Python and React TypeScript)
- Familiarity with databases (We primarily use PostgreSQL)
- GitHub, with focus on CI/CD and security configuration
- CI/CD automation and pipeline patterns
- Containerisation (Docker required) and orchestration (We use ECS)
- Threat modelling, vulnerability management, and dependency scanning
- Identity, role-based access, and secrets lifecycle management
- Observability: monitoring, logging, alerting, SLOs, dashboards
- Security governance experience in regulated / compliance-sensitive environments
If you meet some — not all — of the above criteria, we still encourage you to apply. We value learning ability, adaptability, and thoughtful engineering judgment above box-ticking.
If you are interested in applying, please submit a CV and short cover letter to the London Human Resources Team, LON-HR@cgsh.com.