Senior DevSecOps Architect

Title: Senior DevSecOps Architect (focus on AI/ML Security)

Years of Exp.: 10 years exp.

Skills: ci/cd ai/ml to automate threat detection code reviews sast/dast securing ai workflows intelligence automation pac policy as a code threat modeling and red team developer empowerment devops and infrastructure security tooling ai/ml programming observability

Work Location: East Coast Remote (Candidates located in Raleigh NC Washington DC or Eagan MN will get preference)

Clearance: Public Trust Clearance or Higher Preferred

Job Description

Description:

As a Senior DevSecOps Architect you will lead the evolution of our software delivery lifecycle by embedding security into every stage of the CI/CD pipeline. This role is specifically focused on leveraging Artificial Intelligence to automate threat detection optimize code reviews and secure AI-native applications. You will be responsible for building a robust self-healing DevSecOps ecosystem that balances rapid deployment with uncompromising security standards.

Key Responsibilities
AI-Enhanced Pipeline Security: Architect and maintain automated CI/CD pipelines that utilize AI/ML models for static and dynamic analysis (SAST/DAST) to identify complex vulnerabilities that traditional rule-based tools miss.
Securing AI Workflows: Design security frameworks for the end-to-end AI lifecycle including securing data ingestion protecting model weights and implementing Guardrail architectures for Large Language Models (LLMs).
Intelligent Automation: Develop AI-driven orchestration (SOAR) to automate the triage and remediation of security findings reducing manual overhead for engineering teams.
Policy as Code (PaC): Implement enterprise-wide governance using tools like Open Policy Agent (OPA) to enforce security compliance automatically across multi-cloud environments.
Threat Modeling & Red Teaming: Conduct advanced threat modeling for cloud-native applications specifically accounting for AI-specific attack vectors like model inversion or data poisoning.
Developer Empowerment: Create self-service security tools and Golden Paths that allow developers to deploy securely without friction fostering a proactive security culture.

Technical Qualifications:

Category - DevOps & Infrastructure
Requirements - Expert-level experience with Kubernetes Terraform/Pulumi and cloud platforms (AWS Azure or GCP).

Category - Security Tooling
Requirements - Mastery of integrating SAST DAST SCA and Secret Scanning into GitHub Actions GitLab CI or Jenkins.

Category - AI/ML Security
Requirements - Hands-on experience securing MLOps pipelines and implementing security for AI-integrated APIs.

Category - Programming
Requirements - Proficiency in Python Go or Bash for building custom security automation and AI-driven scripts.

Category - Observability
Requirements - Deep knowledge of eBPF Prometheus and AI-powered logging/monitoring tools (e.g. Dynatrace or Datadog).

Preferred Experience
Experience: 10 years in IT with at least 5 years dedicated to DevSecOps leadership in high-scale environments.
AI Expertise: Proven track record of implementing AI/ML to solve operational or security challenges.
Education: A degree from an accredited College/University in the applicable field of services is required. If the individuals degree is not in the applicable field then four additional years of related experience is required..
Soft Skills: Strong ability to bridge the gap between Speed of DevOps and Rigors of Security while communicating clearly with executive leadership.

Core Objectives
Shift Left: Achieve 90% automated security coverage across all production-bound code.
Mean Time to Remediate (MTTR): Utilize AI to reduce vulnerability remediation time by 40% within the first year.
Innovation: Stay at the forefront of the AI for Security and Security for AI movements