DevSecOps Program Lead

  • Location:

    New York

  • Sector:

    Technology

  • Job type:

    Permanent

  • Salary:

    US$220000 - US$260000 per annum + Bonus

  • Contact:

    William Barclay

  • Contact email:

    William.Barclay@oliverjames.com

  • Job ref:

    JOB-082024-256665_1731100736

  • Published:

    about 2 months ago

  • Expiry date:

    2024-12-08

  • Start date:

    ASAP

Title: DevSecOps Program Lead
Location: NYC (Hybrid, 3 days onsite)
Type: FTE, Direct Hire
Base Salary Range: Up to $260k


As the DevSecOps Program Leader, you will be responsible for developing and executing a strategic vision for DevSecOps adoption across the enterprise. You'll establish processes, standards, and tooling to ensure a secure Software Development Life Cycle (S-SDLC). This role will involve close collaboration with Security, DevOps and Engineering teams to build a culture that integrates security into every step of our development pipeline.

This will be an individual contributor, thought leader position, aligned to the Security vertical within the organisation. It will involve a fine balance of hands-on technical expertise and the ability to think strategically and develop long-term organizational goals.

Key Responsibilities:
  • DevSecOps Framework: Collaborate with Security/DevOps/Engineering teams to design, implement, and manage a robust DevSecOps framework that integrates security tools and processes into our CI/CD workflows, improving both security and developer efficiency.
  • Security Leadership: Foster a security-first culture by guiding the development teams in secure coding practices and development methodologies. Advocate for secure development principles and ensure they are embedded across all projects.
  • Policy and Standard Creation: Establish enterprise-wide DevSecOps policies and standards. Conduct regular training and awareness programs to ensure all team members understand and apply best security practices.
  • Risk Management: Develop Key Risk Indicators (KRIs) to monitor security health across various business units. Track progress, identify risks, and take corrective action where necessary.
  • Security Tooling: Implement and manage security testing tools within the CI/CD pipeline, including static and dynamic application security testing (SAST, DAST), software composition analysis (SCA), and open-source security tools to ensure comprehensive vulnerability management.
  • Automation and Compliance: Collaborate with Engineering to automate security controls and compliance checks in the development pipeline, ensuring the adoption of industry standards and regulatory compliance across all systems.
  • Issue Resolution: Act as the primary point of contact for troubleshooting and resolving security issues throughout the software development lifecycle, ensuring timely and effective resolution.
  • Continuous Improvement: Stay updated on emerging security threats, vulnerabilities, and best practices, using this knowledge to refine our security posture and enhance the effectiveness of DevSecOps practices.
To be considered for the role please apply online or email an updated Resume to William Barclay at Oliver James - william.barclay@oliverjames.com
