DevSecOps Lead

DevSecOps Lead

Job Summary:

We are seeking a highly skilled and experienced DevSecOps Architect/Lead to lead the architecture, deployment, and configuration of DevSecOps solutions across hybrid and multi-cloud environments. The ideal candidate will have hands-on expertise in designing and implementing DevSecOps CI/CD solutions for automating end-to-end Delivery pipeline.

Experince Level:  9 to 12 ( Relevant years ) 

Key Responsibilities:

• Architect enterprise-grade DevSecOps solutions inline with industry standards
• Lead the discovery of CI/CD and IaC  and develop the blueprints for target architecture
• Lead the Assessment of the current state DevSecOps maturity and align to industry maturity models
• Must be able to design and architect the DevSecOps ecosystem from scratch
• Develop ways of working for Continuous Integration and Continuous Delivery with automated DevSecOps platforms
• Must have hands-on deep expertise in setting up CI/CD pipelines, IaC for Infrastructure provisioning, Security and Quality integrations in the pipeline with GitHub actions workflows.
• Design and implement end to end CI/CD pipelines with quality and security integration
• Design the CI/CD and IaC infrastructure and create standardized blueprints and reusable components
• Implement SAST, DAST, SCA tools and integrate in the CI/CD pipeline
• Good understanding of Azure Kubernetes and AWS Kubernetes
• Work closely with the customer Application teams and Infrastructure teams
• Implement reusable pipeline and IaC templates for infrastructure provisioning and integrate with the CI/CD pipelines
• Lead the onboarding of applications on the Core DevSecOps platform
• Understanding of GitOps practices using ArgoCD
• Develop Golden paths for Pipeline and IaC
• Create target architecture for enabling DevSecOps for applications and infrastructure
• Work with Observability team for DevSecOps integration with AIOps platform
• Design and build dashboards for end-to-end value stream visibility
• Implement identity, RBAC, and security controls for DevSecOps tools
• Create runbooks and SOP for application onboarding
• Develop wave plans for Enterprise rollout of the DevSecOps platform and practices.
• Good to have experience setting up DevSecOps Community of Practice and Centre of Excellence.

Required Skills & Qualifications:

• Proven hands-on experience with multiple CI/CD platforms like GitHub actions (primary), Azure DevSecOps, GitLab environments.
• Proven experience with GitHub Enterprise Server, JFrog Artifactory/Xray, Black Duck, and Open Source Libraries.
• Experience with Developer Toolchains (Ansible, Docker, Maven, Node, Python, Gulp, React, NuGet, Java/JDK/JRE)
• Strong knowledge of Azure, AWS, and GCP cloud infrastructure.
• Experience with integration of security (SAST, DAST, SCA) tools like Black Duck, Trivy, Synk, SonarQube, Veracode, Fortify in the pipeline
• Strong in IaC tools like Terraform or infrastructure provisioning (VMs, AKS, containers).
• Experience with application onboarding at scale on the DevSecOps platform
• Familiarity configuration management tools like Ansible for Infrastructure configurations.
• Familiarity with GitOps tools like ArgoCD
• Strong analytical skills and understanding of DevSecOps practices.
• Excellent communication and documentation skills.
• Experience working with Application teams to develop the target state DevSecOps architecture