Lead - DevSecOps (Azure)

We are seeking a highly skilled and proactive Team Lead / Associate Team Lead – DevSecOps to drive secure engineering practices across cloud infrastructure, application development, and operational environments. This role is ideal for a technically strong professional with expertise in DevSecOps, cloud security, CI/CD security automation, and modern infrastructure practices.

The selected candidate will play a key role in embedding security throughout the software development lifecycle while collaborating closely with engineering, DevOps, and security operations teams to strengthen the overall cybersecurity posture of the organization.

Experience in Security Operations (SOC), threat monitoring, and incident response will be considered a strong advantage.

• → Lead and mentor a team of DevSecOps engineers across cloud, infrastructure, and application security initiatives.
• → Define and implement DevSecOps standards, governance frameworks, and best practices.
• → Design, build, and manage secure CI/CD pipelines incorporating:
  • → SAST
  • → DAST
  • → Software Composition Analysis (SCA)
  • → Container security scanning
  • → Infrastructure-as-Code (IaC) scanning
• → Architect and secure cloud environments across Azure, AWS, and hybrid infrastructures.
• → Implement secure Infrastructure-as-Code practices using Terraform, ARM templates, or equivalent technologies.
• → Drive container and Kubernetes security initiatives including RBAC, network policies, admission controls, and image security.
• → Manage secrets, privileged access, and identity governance using solutions such as Azure Key Vault, AWS Secrets Manager, and IAM frameworks.
• → Automate security controls, compliance checks, and operational processes across the SDLC.
• → Collaborate with engineering, DevOps, and SOC teams to integrate security into development and operational workflows.
• → Monitor and report on security KPIs, vulnerabilities, and compliance metrics.
• → Support governance and compliance initiatives aligned with standards such as ISO 27001, SOC2, and CIS benchmarks.
• → Contribute to threat detection, incident response integrations, and security monitoring strategies alongside SOC teams.
• → Provide technical leadership during stakeholder discussions, client engagements, and architecture reviews.

• 6–8+ years of experience in DevOps, Cybersecurity, or DevSecOps environments.
• Prior experience leading or mentoring technical teams.

• 5+ years of relevant industry experience with strong hands-on technical capabilities.
• Demonstrated leadership potential and ability to guide engineering initiatives.

• Strong hands-on experience with CI/CD platforms such as:
  • Azure DevOps
  • GitHub Actions
  • Jenkins
• Strong expertise in Azure and/or AWS cloud security architecture.
• Experience with Docker, Kubernetes, and container security best practices.
• Strong scripting and automation capabilities using:
  • PowerShell
  • Python
  • Bash
• Expertise in Infrastructure-as-Code, preferably Terraform.
• Strong understanding of:
  • OWASP Top 10
  • Secure SDLC
  • IAM & RBAC
  • Zero Trust Architecture
  • Network Security Principles
• Experience managing technical projects and mentoring engineering teams.

• Experience with security tools such as:
  • SonarQube
  • Snyk
  • Checkmarx
  • Prisma Cloud
• Advanced Kubernetes security and policy enforcement experience.
• Experience with Policy-as-Code solutions such as OPA or Azure Policy.
• Hands-on experience with:
  • Microsoft Sentinel
  • Microsoft Defender Suite
  • Intune
• Strong KQL knowledge for advanced threat hunting and analytics.
• Familiarity with Logic Apps or similar automation platforms.
• Prior exposure to:
  • Security Operations Centers (SOC)
  • Incident response
  • Threat monitoring
• Experience driving enterprise-level DevSecOps transformations.

• Microsoft Cybersecurity Architect Expert
• Azure Solutions Architect Expert
• AWS Security Specialty
• CISSP
• CKS
• Equivalent industry-recognized certifications

• Willingness to work in a 24×7 roster-based operational environment.