DevSecOps Lead

invoicecloud

Hyderabad 7 Years Exp Posted 1h ago

Job Description

  • Owns the design, implementation, and ongoing operation of InvoiceCloud’s DevSecOps program, embedding security controls directly into CI/CD pipelines.
  • Defines secure coding standards, remediation SLAs, and enforcement guardrails to ensure consistent adoption across engineering teams.
  • Serves as the accountable owner for SDLC security posture, coordinating with engineering, cloud, and security stakeholders to resolve risk.
  • Communicates security posture, risks, and progress clearly to security leadership and executive stakeholders.

 

Drives Efficiency

  • Integrates automated SAST, DAST, SCA, IaC, container, and secrets scanning into development workflows to reduce manual effort and friction.
  • Designs and maintains scalable “golden path” pipelines with standardized guardrails, enabling teams to ship securely by default.
  • Establishes policy-as-code, admission controls, and branch protections to ensure repeatable, low-touch enforcement across environments.
  • Applies AI-driven and automated analysis to accelerate detection, triage, and remediation of security findings across the SDLC.

 

Results Driven

  • Defines and tracks measurable SDLC security metrics, reporting on maturity, coverage, and risk reduction over time.
  • Delivers phased outcomes that balance quick-win security improvements with long-term application security maturity.
  • Partners with engineering teams to ensure security improvements translate into meaningful risk reduction, not just tooling adoption.
  • Improves visibility into application security posture through consistent reporting and clear success criteria.

 

Innovative

  • Evolves DevSecOps practices by evaluating and adopting modern application and software supply chain security techniques.
  • Continuously improves tooling, workflows, and standards based on data, feedback, and emerging threat patterns.
  • Translates technical insights into practical, scalable improvements that strengthen security across business units.
  • Stays current on industry trends to ensure InvoiceCloud’s DevSecOps practices remain resilient as the platform scales.

 

Requirements

  • Bachelor’s degree in Computer Science, Software Engineering, or a related field preferred
  • 7+ years of experience in DevOps or Application Security with hands-on CI/CD expertise
  • Strong experience with Azure DevOps, application security tooling, infrastructure-as-code, and container security
  • Proven ability to operate autonomously, influence without authority, and deliver results in ambiguous environments 

 

Similar Openings for You