Job Description

About the Role:

We are seeking a Team Lead / Associate Team Lead – DevSecOps to lead a team of engineers in integrating security across development and operations. This role focuses on building and scaling secure CI/CD pipelines, cloud environments, and application security practices through automation and strong governance.

In addition to DevSecOps leadership, experience in security operations (SOC), threat detection, and incident response will be highly beneficial, as the role requires close collaboration with security teams to enhance overall security posture and response capabilities.

Key Responsibilities:

• Lead and mentor a team of DevSecOps engineers across cloud, application, and infrastructure security domains.
• Define and drive DevSecOps strategy, standards, and best practices across the organization.
• Architect and oversee secure CI/CD pipelines (SAST, DAST, SCA, container and IaC scanning).
• Design and implement security solutions across Azure, AWS, and hybrid environments.
• Ensure secure Infrastructure as Code (IaC) practices using Terraform, ARM, or similar tools.
• Guide implementation of container and Kubernetes security (RBAC, network policies, image scanning).
• Oversee secrets and identity management (Azure Key Vault, AWS Secrets Manager, IAM).
• Drive automation of security processes, controls, and incident response integrations.
• Collaborate with DevOps, SOC, and engineering teams to embed security across the SDLC.
• Establish and monitor security KPIs, metrics, and reporting.
• Support and lead compliance initiatives (SOC2, ISO 27001, CIS benchmarks).
• Align DevSecOps practices with threat detection and response strategies in coordination with SOC teams.
• Manage stakeholder and client engagements, providing technical leadership and guidance.

Qualifications:

• Team Lead: 6–8+ years of experience in DevOps, Security, or DevSecOps, with leadership experience.
• Associate Team Lead: 5+ years of experience with strong technical expertise and emerging leadership capabilities.
• Strong hands-on experience with CI/CD tools (Azure DevOps, GitHub Actions, Jenkins).
• Deep familiarity with cloud platforms (Azure and/or AWS) and security architecture.
• Strong experience with containerization technologies (Docker, Kubernetes).
• Proficiency in scripting (PowerShell, Python, Bash) and Infrastructure as Code (Terraform preferred).
• Strong understanding of application security (OWASP Top 10) and secure SDLC practices.
• Expertise in IAM, RBAC, Zero Trust, and network security principles.
• Proven experience in mentoring teams and managing technical projects.

Nice to Have (Highly Beneficial):

• Experience with security tools such as SonarQube, Snyk, Checkmarx, Prisma Cloud, or similar.
• Advanced experience with Kubernetes security and policy enforcement.
• Experience with policy-as-code (OPA, Azure Policy).
• Hands-on experience with Azure Sentinel, Microsoft Defender suite, and Intune.
• Strong knowledge of KQL for threat detection and advanced analytics.
• Familiarity with Logic Apps or similar tools for security automation.
• Prior experience in Security Operations (SOC), incident response, or threat monitoring.
• Experience in leading DevSecOps transformations or large-scale implementations.

Certifications such as:

• Microsoft Cybersecurity Architect Expert
• Azure Solutions Architect Expert
• AWS Security Specialty
• CISSP, CKS, or equivalent

Work Schedule: 24x7 roster-based