DevSecOps Lead

Position Summary

Allianz’ digital future is coming through a combination of technology trends such as cloud, micro-services, big data, and mobile requires individuals who are close to technology and love working in a tight-knit team.
DevOps Engineers are role-models for changing the culture of Allianz and provide self-services tools and easy configuration to other IT specialists. They see their work as building a development and cloud platform used by other engineers, not providing a manual and repetitive service. The ideal candidate will prefer the excitement of shaping the technology evolution over following the beaten path and regards highly qualified colleagues not as competition, but as a learning opportunity. He will have or learn good knowledge about concepts as well as hands-on experience with developing CI/CD pipelines and manage fully automated zero-downtime deployment of containerized applications.
 

Job Responsibilities

Leadership and Strategy

• Lead Cross-Functional Teams: Guide and mentor multiple DevSecOps teams, fostering collaboration between development, security, and operations.
• Establish ‘As Code’ Culture: Advocate for a automation-first mindset across all teams, promoting the integration of automation, security and controls practices into daily workflows and development processes.

CI/CD Pipeline Development

• Build CI/CD Infrastructure: Design and implement robust CI/CD pipelines that facilitate automated testing, integration, and deployment while ensuring security checks are embedded at each stage.
• Automate Security Testing: Integrate automated security testing tools within the CI/CD pipeline to identify vulnerabilities early in the development process.

Continuous Improvement

• Monitor and Optimize - Continuously assess the effectiveness of the CI/CD processes and security practices, making improvements based on feedback and evolving best practices.
• Foster Innovation - Encourage teams to adopt new tools and technologies that enhance security and streamline delivery processes.
   

Collaboration and Communication

• Engage Stakeholders - Collaborate with product management, compliance teams, and other stakeholders to prioritize security-related initiatives and ensure alignment with business objectives.
• Educate Teams - Organize training sessions and workshops to enhance the team's understanding of DevSecOps principles, tools, and practices.
   

Compliance and Governance

• Implement Security Policies - Ensure all DevSecOps practices comply with organizational policies, industry standards, and regulatory requirements.
• Conduct Audits - Regularly review processes and systems for compliance with established security protocols
   

Job Requirements

• Bachelor or Master’s degree in Computer Science or equivalent with a focus on software engineering, large-scale delivery platform and SW factory.

Technical Requirements

• DevSecOps Tools: Familiarity with various DevSecOps tools such as CI/CD tools (e.g., Jenkins, GitHub Actions), security scanning tools (e.g., SAST, DAST), proficiency in cross-platform scripting languages and build tools (Nexus, Artifactory, Maven, Gradle) and infrastructure as code (IaC) tools for major Cloud platforms.
• Software Development Practices: Strong background in software development methodologies (Agile, Scrum) and experience with programming languages commonly used in development (e.g., Angular, Python, Java).
• CI/CD Pipeline Development: Proven experience in designing and implementing CI/CD pipelines that integrate security practices at every stage of the software development lifecycle (SDLC).
• Cross-Functional Collaboration: Experience working in cross-functional teams that include developers, operations, and security professionals to foster a collaborative DevSecOps culture.
• Project Management: Familiar with Agile development practices, feel comfortable supporting an Agile development process (SCRUM, LeSS, Kanban, XP). 
   

Leadership Skills

• Vision Setting: Capability to articulate a clear vision for DevSecOps initiatives and align team efforts towards achieving this vision.
• Cultural Change Advocacy: Experience in promoting a culture within the organization by providing training, resources, and support for team members. 
• Continuous Improvement Mindset: Commitment to continuous learning and improvement through feedback loops, experimentation, and recognition of successes
   

Soft Skills

• Communication: Outstanding verbal and written English communication skills to facilitate discussions among diverse teams and ensure transparency in processes, promoting collaboration, stakeholder management, and ability to influence without authority.
• Problem-Solving: Ability to identify issues quickly and implement effective solutions within a fast-paced environment.
• Flexibility to adapt to changing technologies and methodologies in the rapidly evolving landscape of DevSecOps.
• Self-motivated, resourceful, and able to define direction autonomously. Style of management is at high level only. We expect employees to discuss and define overall directions.
   

Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us. 
We at Allianz believe in a diverse and inclusive workforce and are proud to be an equal opportunity employer. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in.
We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.
Great to have you on board. Let's care for tomorrow.