DevSecOps Team Lead

About the role

This high‑impact leadership position is for an experienced DevSecOps professional who will shape the security strategy of a fast‑paced, globally distributed organization. You will embed security into every stage of the software development lifecycle while enabling engineering teams to innovate safely and rapidly.

Key responsibilities

• Lead, mentor, and grow a team of DevSecOps engineers, fostering a culture of collaboration, ownership, continuous improvement, and high performance across distributed teams.
• Define and execute the DevSecOps roadmap, aligning security initiatives with broader engineering and business objectives while promoting secure development practices organization‑wide.
• Partner with Engineering and Product teams to integrate security requirements early in the product lifecycle and support secure‑by‑design development methodologies.
• Oversee the implementation of Policy‑as‑Code frameworks and automated compliance controls using tools such as OPA or Kyverno across cloud and Kubernetes environments.
• Drive the design and governance of secure cloud architectures, focusing on Zero Trust principles, identity‑based access management, and container security best practices.
• Manage security tooling and vendor relationships, evaluating solutions to optimize security coverage, scalability, and operational efficiency.
• Establish and monitor key security metrics including MTTR, vulnerability remediation trends, and detection accuracy to improve operational performance and risk visibility.
• Serve as a senior escalation point during security incidents, leading root cause analysis and blameless post‑mortem reviews to strengthen resilience and processes.

Required profile

• Minimum 6 years of experience in Security, DevOps, Infrastructure, or related cloud engineering roles.
• At least 2 years of leadership experience managing or mentoring technical teams in DevSecOps, Security Engineering, or Platform Engineering.
• Strong expertise with Infrastructure‑as‑Code and automation tools such as Terraform/OpenTofu, Ansible, and CI/CD platforms including GitHub Actions or GitLab CI.
• Deep understanding of Kubernetes security, RBAC, network policies, and admission controls.
• Proven ability to design and implement secure cloud architectures and Policy‑as‑Code solutions.

Required skills

• Terraform / OpenTofu
• Ansible
• GitHub Actions
• GitLab CI
• OPA (Open Policy Agent)
• Kyverno
• Kubernetes
• RBAC
• Network policies
• Container security