Github SME

As a highly skilled and experienced Senior DevOps Engineer, your primary focus will be on securing the entire software supply chain, particularly in the GitHub Enterprise Cloud environment. You will play a crucial role in designing, implementing, and enforcing security controls, automation, and governance to ensure that our code, configurations, and CI/CD pipelines adhere to the highest security standards. Key Responsibilities: - Serve as the primary administrator and security lead for GitHub Enterprise Cloud. - Design and enforce organization-wide security policies, including Branch Protection Rules, user permissions, and repository creation standards. - Demonstrate deep expertise in implementing and leveraging GitHub Advanced Security (GHAS) features such as Code Scanning (CodeQL), Secret Scanning, and Dependency Review. - Integrate security tools into the CI/CD pipeline using GitHub Actions. - Automate security checks for static code analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA). - Manage and secure sensitive credentials using a Secrets Management platform (e.g., Azure Key Vault). - Maintain secure integration of GitHub with the Identity Provider (IdP) for Single Sign-On (SSO) and automated provisioning (SCIM). - Implement and enforce Least Privilege Access models for users, teams, and CI/CD service accounts. - Implement and maintain GitHub configurations as code using tools like Terraform for version control, auditability, and consistency. - Develop automated scripts (Python/Bash) for security reporting, drift detection, and remediation within the GitHub ecosystem. Desirable Qualifications: - Experience with cloud security principles and securing pipelines deploying to Azure. - Knowledge of OIDC implementation for secure deployment from GitHub Actions to cloud environments. - Experience in designing automated vulnerability triage and ticketing workflows. - Proven ability to work with development teams to foster a culture of security awareness. - Experience in writing, reviewing, and hardening custom GitHub Actions. Required Experience & Skills: - 5+ years of experience in a DevOps, SRE, or Application Security role. - 3+ years of dedicated experience administering and securing GitHub Enterprise. - Proficiency in Git and advanced Git workflows. - Expertise with Infrastructure as Code (Terraform). - Strong scripting skills, preferably in Python. - Excellent communication and collaboration skills.,