This role requires the definition and execution of the DevSecOps strategy, encompassing the integration of security throughout the CI/CD pipeline and the entire Software Development Life Cycle (SDLC). The role is essential for maintaining the secure and compliant operation of multi-cloud environments (AWS, Azure, GCP) and containerized applications. Candidates must possess profound expertise in security automation, Infrastructure as Code (IaC), and relevant compliance frameworks, such as FedRAMP and NIST.
DevSecOps team plays a crucial role in driving security initiatives by working closely with Engineering, DevOps, InfoSec and Compliance teams to ensure security is embedded throughout the development and deployment lifecycle. The team would also provide clear ownership of security operations, improve risk management, and enable consistent enforcement of security best practices.