Posted: 2 weeks ago
Work from Office
Full Time
Overview

We are seeking a seasoned DevSecOps Lead to own and advance our security-by-design approach across the entire software development lifecycle. In this role, you will define and drive a comprehensive DevSecOps strategy, architect and automate secure CI/CD pipelines, and embed security best practices into our cloud-native infrastructure. You will partner closely with engineering, security, and operations teams to enable rapid, compliant, and resilient software delivery at scale.

Responsibilities

DevSecOps Strategy & Roadmap
- Define a multi-year DevSecOps vision and actionable roadmap.
- Identify gaps in current practices and propose improvements in tooling, automation, and processes.

Secure CI/CD Implementation
- Architect, build, and maintain automated pipelines (GitHub Actions, Jenkins, etc.) that integrate security checks (SAST, DAST, dependency scanning).
- Enforce shift-left security controls: secret scanning, container image hardening, infrastructure policy as code.

Technical Leadership & Innovation
- Evaluate and introduce next-gen DevSecOps platforms and open-source tools.
- Pilot AI/ML-driven security analytics and self-service guardrails.
- Serve as hands-on expert for complex troubleshooting and incident response.

Cross-Functional Collaboration
- Work with application teams to bake in secure infrastructure as code (Terraform, ARM Templates, Helm).
- Partner with SREs and cloud platform engineers to align security requirements on Kubernetes, serverless, and bare-metal architectures.
- Coach and mentor developers on secure-coding standards and threat modeling.

Governance, Compliance & Risk Management
- Define security guardrails, policies, and approval workflows to meet PCI-DSS, SOC 2, ISO 27001, or similar frameworks.
- Collaborate with audit teams to validate adherence to regulatory controls.
- Track and remediate security findings through a centralized ticketing and reporting process.

Platform Modernization & Migration
- Lead migration of build/test/release pipelines from legacy on-prem tools to cloud-native platforms.
- Optimize performance, cost, and security posture in container registries, artifact repositories, and vaults.

Qualifications
- Bachelor's or Master's degree in Computer Science, Engineering, or related field.
- 12+ years of software development or DevOps experience, with 4+ years focused on DevSecOps.
- Hands-on expertise with GitHub (Actions, Packages), Jenkins, or comparable CI/CD platforms.
- Proficiency in scripting/programming (Python, Bash, Go, or similar).
- Strong knowledge of container orchestration (Kubernetes, Docker) and service mesh fundamentals.
- Experience with infrastructure as code (Terraform, CloudFormation, ARM Templates, Helm).
- Familiarity with security scanning tools (SonarQube, Semgrep and Snyk) and remediation workflows.
- Deep understanding of cloud security controls in AWS, Azure, or GCP.
- Excellent communication skills, with experience presenting to both technical and executive audiences.

Preferred Skills & Certifications
- Certifications: CKA/CKAD, Certified DevSecOps Professional (CDP), or CISSP.
- Experience with policy-as-code frameworks (Open Policy Agent, HashiCorp Sentinel).
- Familiarity with SIEM, SOAR, and threat-intelligence platforms.
- Prior leadership or people-management experience.

Pepsico
Hyderabad, Telangana, India
Salary: Not disclosed