DevSecOps Program Lead

$220,000 - $260,000/Yr

Oliver James Associates - New York, NY

posted 18 days ago

Full-time - Senior
New York, NY
Administrative and Support Services

About the position

The DevSecOps Program Lead is responsible for developing and executing a strategic vision for the adoption of DevSecOps across the enterprise. This role focuses on establishing processes, standards, and tooling to ensure a secure Software Development Life Cycle (S-SDLC). The position requires close collaboration with Security, DevOps, and Engineering teams to foster a culture that integrates security into every step of the development pipeline. It is an individual contributor role that balances hands-on technical expertise with strategic thinking to achieve long-term organizational goals.

Responsibilities

  • Collaborate with Security/DevOps/Engineering teams to design, implement, and manage a robust DevSecOps framework that integrates security tools and processes into CI/CD workflows.
  • Foster a security-first culture by guiding development teams in secure coding practices and methodologies.
  • Establish enterprise-wide DevSecOps policies and standards, conducting training and awareness programs for team members.
  • Develop Key Risk Indicators (KRIs) to monitor security health across business units, tracking progress and identifying risks.
  • Implement and manage security testing tools within the CI/CD pipeline, including SAST, DAST, and SCA for comprehensive vulnerability management.
  • Collaborate with Engineering to automate security controls and compliance checks in the development pipeline.
  • Act as the primary point of contact for troubleshooting and resolving security issues throughout the software development lifecycle.
  • Stay updated on emerging security threats and best practices to refine security posture and enhance DevSecOps practices.

Requirements

  • Proven experience in DevSecOps practices and frameworks.
  • Strong understanding of security principles and secure coding practices.
  • Experience with CI/CD tools and security testing tools (SAST, DAST, SCA).
  • Ability to develop and implement security policies and standards.
  • Excellent communication and collaboration skills to work with cross-functional teams.

Nice-to-haves

  • Certifications in security (e.g., CISSP, CISM, or similar).
  • Experience with cloud security and compliance frameworks.
  • Familiarity with regulatory compliance standards (e.g., GDPR, HIPAA).

Benefits

  • Competitive salary with performance bonuses.
  • Hybrid work model with flexibility in work location.
  • Opportunities for professional development and training.