The Ellison Institute of Technology (EIT) tackles humanity’s greatest challenges by turning science and technology into impactful global solutions. Focused on areas like health, food security, sustainable agriculture, climate change, clean energy, and robotics in an era of artificial intelligence. EIT blends groundbreaking research with practical applications to deliver lasting results.
A cornerstone of EIT mission is its upcoming 300,000-square-foot research facility at the Oxford Science Park, set to open in 2027. This cutting-edge campus will feature advanced labs, an oncology and preventative care clinic, and collaborative spaces to strengthen its partnership with the University of Oxford. It will also host the Ellison Scholars, driving innovation for societal benefit.
The Pathogen Mission highlights EIT’s transformative approach, using Whole Genome Sequencing (WGS) and Oracle’s cloud technology to create a global pathogen metagenomics system. This initiative aims to improve diagnostics, provide early epidemic warnings, and guide treatments by profiling antimicrobial resistance. The goal is to deliver certified diagnostic tools for widespread use in labs, hospitals, and public health.
EIT fosters a culture of collaboration, innovation, and resilience, valuing diverse expertise to drive sustainable solutions to humanity’s enduring challenges.
We are looking for a Senior DevSecOps Engineer to join the Pathogen Programme at EIT. In this role, you’ll help ensure our data platform is built to the highest standards, with a strong emphasis on automation across the development lifecycle.
You’ll work closely with engineers to deploy data pipelines and platform features, and support bioinformaticians in building and deploying their workflows. You’ll be responsible for maintaining infrastructure, designing secure automation pipelines, managing cloud environments, and ensuring security and compliance.
You’ll collaborate with cross-functional teams, data engineers, backend, and full-stack developers, to build robust, automated deployment pipelines across our environments.

ESSENTIAL KNOWLEDGE, SKILLS AND EXPERIENCE:

• Hands-on experience with cloud infrastructure, ideally Oracle Cloud (OCI), including provisioning, configuration, and service management.
• Proficient with Terraform or similar IaC tools.
• Skilled in implementing and maintaining CI/CD pipelines (e.g., GitHub Actions), especially with automated security testing.
• Strong knowledge of containerisation (e.g., Docker) and orchestration (e.g., Kubernetes).
• Deep understanding of cloud security principles: IAM, network security, encryption.
• Experience with monitoring/alerting tools (e.g., Prometheus, Grafana, ELK stack).
• Proficient in Git or other version control systems.

DESIRABLE KNOWLEDGE, SKILLS AND EXPERIENCE:

• Certifications in OCI or other cloud platforms (AWS, GCP).
• Experience with security tools like OWASP ZAP, Burp Suite, etc.
• Familiarity with Jira, Confluence, or similar tools.
• Knowledge of compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, ISO 13485).
• Background in start-up or scale-up environments is a plus.

• Design, implement, and maintain secure cloud infrastructure using Oracle Cloud Infrastructure (OCI).
• Develop and manage Infrastructure as Code (IaC) with tools like Terraform to enable secure, repeatable deployments.
• Implement and manage CI/CD pipelines, focusing on automated security testing, deployment, and monitoring.
• Ensure all aspects of the data platform OCI infrastructure, data ingest pipelines, tool deployments, access controls, and monitoring are developed, tested, and deployed using automation best practices.
• Support bioinformaticians in building pipelines that are secure by design, version-controlled, and deployed through automated workflows.
• Collaborate with engineering teams to embed security throughout the development lifecycle.
• Automate vulnerability assessments to proactively identify and mitigate risks.
• Work closely with the security team to integrate best practices into new and existing features.
• Ensure compliance with security standards and regulations (e.g., ISO 27001, SOC 2).
• Implement monitoring solutions to detect and respond to real-time security incidents.
• Troubleshoot infrastructure and security issues, performing root cause analysis in production.
• Mentor junior engineers in security best practices and DevOps approaches.
• Collaborate with technical leads to enhance internal workflows and security processes.