DevSecOps Sr. Lead - Shared Services and Cash

Job Description

The DevSecOps Leader is responsible for integrating security into the software development lifecycle (SDLC) and ensuring secure, scalable, and compliant application delivery across business units. This role bridges the gap between development, security, and operations by implementing security best practices, automating security controls, and fostering a culture of security awareness. The ideal candidate will have deep expertise in DevSecOps methodologies, cloud security, and regulatory compliance, ensuring that security is embedded at every stage of the software development and deployment process. Key Responsibilities: Develop and execute a DevSecOps strategy that aligns with business objectives and regulatory requirements. Change management process Embed security controls, tools, and automation within CI/CD pipelines to enhance security without disrupting development velocity. Establish secure coding practices, vulnerability management, and threat modeling across business units. Lead efforts to implement Zero Trust Architecture and security-by-design principles. Design and deploy security automation solutions for code scanning, container security , and infrastructure as code (IaC). Implement SAST, DAST, SCA, and RASP tools to detect and mitigate vulnerabilities in real time. Enforce privileged access management (PAM) and identity federation for DevOps toolchains. Optimize container and cloud security ( Docker, Kubernetes, AWS/Azure/ GCP ). Develop incident response playbooks for DevSecOps environments. Lead security incident investigations related to applications, APIs, and cloud environments. Collaborate with security operations (SOC) teams to improve threat detection and response capabilities. Ensure proactive threat intelligence integration into the DevSecOps lifecycle. Act as a security champion within business units, fostering collaboration between security, development, and operations teams. Provide technical mentorship and training to developers and DevOps engineers. Work closely with enterprise security teams to align security frameworks with corporate standards. Communicate security risks and solutions effectively to senior leadership.