Lead DevSecOps

Overview

We are seeking a highly skilled and proactive Team Lead / Associate Team Lead DevSecOps to drive secure engineering practices across cloud infrastructure application development and operational environments. This role is ideal for a technically strong professional with expertise in DevSecOps cloud security CI/CD security automation and modern infrastructure practices.

The selected candidate will play a key role in embedding security throughout the software development lifecycle while collaborating closely with engineering DevOps and security operations teams to strengthen the overall cybersecurity posture of the organization.

Experience in Security Operations (SOC) threat monitoring and incident response will be considered a strong advantage.

Key Responsibilities

• Lead and mentor a team of DevSecOps engineers across cloud infrastructure and application security initiatives.
• Define and implement DevSecOps standards governance frameworks and best practices.
• Design build and manage secure CI/CD pipelines incorporating:
  • SAST
  • DAST
  • Software Composition Analysis (SCA)
  • Container security scanning
  • Infrastructure-as-Code (IaC) scanning
• Architect and secure cloud environments across Azure AWS and hybrid infrastructures.
• Implement secure Infrastructure-as-Code practices using Terraform ARM templates or equivalent technologies.
• Drive container and Kubernetes security initiatives including RBAC network policies admission controls and image security.
• Manage secrets privileged access and identity governance using solutions such as Azure Key Vault AWS Secrets Manager and IAM frameworks.
• Automate security controls compliance checks and operational processes across the SDLC.
• Collaborate with engineering DevOps and SOC teams to integrate security into development and operational workflows.
• Monitor and report on security KPIs vulnerabilities and compliance metrics.
• Support governance and compliance initiatives aligned with standards such as ISO 27001 SOC2 and CIS benchmarks.
• Contribute to threat detection incident response integrations and security monitoring strategies alongside SOC teams.
• Provide technical leadership during stakeholder discussions client engagements and architecture reviews.

Requirements

Team Lead

• 68 years of experience in DevOps Cybersecurity or DevSecOps environments.
• Prior experience leading or mentoring technical teams.

Associate Team Lead

• 5 years of relevant industry experience with strong hands-on technical capabilities.
• Demonstrated leadership potential and ability to guide engineering initiatives.

Technical Skills & Expertise

• Strong hands-on experience with CI/CD platforms such as:
  • Azure DevOps
  • GitHub Actions
  • Jenkins
• Strong expertise in Azure and/or AWS cloud security architecture.
• Experience with Docker Kubernetes and container security best practices.
• Strong scripting and automation capabilities using:
  • PowerShell
  • Python
  • Bash
• Expertise in Infrastructure-as-Code preferably Terraform.
• Strong understanding of:
  • OWASP Top 10
  • Secure SDLC
  • IAM & RBAC
  • Zero Trust Architecture
  • Network Security Principles
• Experience managing technical projects and mentoring engineering teams.

Highly Preferred / Nice to Have

• Experience with security tools such as:
  • SonarQube
  • Snyk
  • Checkmarx
  • Prisma Cloud
• Advanced Kubernetes security and policy enforcement experience.
• Experience with Policy-as-Code solutions such as OPA or Azure Policy.
• Hands-on experience with:
  • Microsoft Sentinel
  • Microsoft Defender Suite
  • Intune
• Strong KQL knowledge for advanced threat hunting and analytics.
• Familiarity with Logic Apps or similar automation platforms.
• Prior exposure to:
  • Security Operations Centers (SOC)
  • Incident response
  • Threat monitoring
• Experience driving enterprise-level DevSecOps transformations.

Certifications (Preferred)

• Microsoft Cybersecurity Architect Expert
• Azure Solutions Architect Expert
• AWS Security Specialty
• CISSP
• CKS
• Equivalent industry-recognized certifications

Work Schedule

• Willingness to work in a 247 roster-based operational environment.