DevSecOps Lead

$220,000 - $260,000/Yr

Oliver James Associates - New York, NY

posted about 1 month ago

Full-time - Senior
New York, NY
Administrative and Support Services

About the position

The DevSecOps Lead will be responsible for developing and executing a strategic vision for DevSecOps adoption across the enterprise. This role focuses on establishing processes, standards, and tooling to ensure a secure Software Development Life Cycle (S-SDLC). The position requires close collaboration with Security, DevOps, and Engineering teams to foster a culture that integrates security into every step of the development pipeline. It is an individual contributor role that balances hands-on technical expertise with strategic thinking to develop long-term organizational goals.

Responsibilities

  • Collaborate with Security/DevOps/Engineering teams to design, implement, and manage a robust DevSecOps framework that integrates security tools and processes into CI/CD workflows.
  • Foster a security-first culture by guiding development teams in secure coding practices and methodologies.
  • Establish enterprise-wide DevSecOps policies and standards, conducting training and awareness programs for team members.
  • Develop Key Risk Indicators (KRIs) to monitor security health across business units, tracking progress and identifying risks.
  • Implement and manage security testing tools within the CI/CD pipeline, including SAST, DAST, and SCA for comprehensive vulnerability management.
  • Collaborate with Engineering to automate security controls and compliance checks in the development pipeline.
  • Act as the primary point of contact for troubleshooting and resolving security issues throughout the software development lifecycle.
  • Stay updated on emerging security threats and best practices to refine security posture and enhance DevSecOps effectiveness.

Requirements

  • Proven experience in DevSecOps practices and frameworks.
  • Strong understanding of security principles and secure coding practices.
  • Experience with CI/CD tools and security testing tools (SAST, DAST, SCA).
  • Ability to develop and implement security policies and standards.
  • Excellent communication and collaboration skills to work with cross-functional teams.

Nice-to-haves

  • Certifications in security (e.g., CISSP, CISM, or similar).
  • Experience with cloud security and compliance frameworks.
  • Familiarity with automation tools and scripting languages.

Benefits

  • Competitive salary with performance bonuses.
  • Hybrid work model with flexibility in work location.