Manager, DevSecOps Engineering

Tasks

• Conduct threat modeling
• Coordinate crowd testing campaigns
• Define and enforce security policies and standards
• Drive vulnerability triage and remediation
• Enforce DevSecOps practices across CI CD pipelines
• Integrate security tooling into development workflows
• Interface with auditors and clients on security posture
• Lead penetration testing cycles
• Maintain incident response playbook
• Maintain risk register and track remediation SLAs
• Manage security tooling stack
• Mentor developers on secure coding practices
• Perform secure code reviews
• Provide security training for developers
• Serve as security SME
• Support GDPR compliance
• Support ISO 27001 compliance
• Support SOC 2 compliance
• Support incident investigations

Perks/Benefits

• Career growth opportunities
• Flexible paid time off
• Laptop reimbursement
• Ongoing training
• Remote work flexibility

Skills/Tech-stack

AWS | Application Security | Azure | CI/CD | Cloud Security | Code Analysis | Code review | Composition analysis | Container Security | DAST | DLP | Dast Scanning | DevSecOps | Docker | GCP | GDPR | ISO 27001 | Incident Response | Insider Threat | Kubernetes | Penetration Testing | Risk Management | SAST | SAST scanning | SCA | SOC 2 | Secrets management | Secure Code | Secure Code Review | Security Policy | Security tooling | Security training | Software Composition Analysis | Static Code Analysis | Threat modeling | Vulnerability Management