- Define and implement enterprise-wide DevSecOps standards, patterns, and guardrails.
- Design and build security automation mechanisms such as secure CI/CD pipelines with integrated SAST, DAST, SCA, IaC scanning, and container security.
- Design and implement cloud-native security tooling and platforms.
- Lead security reviews, audits, and threat modeling for high-impact platforms and projects.
- Guide teams and promote security awareness on secure coding, vulnerability remediation, and cloud security best practices.
- Automate compliance and governance requirements at scale.
- Participate in and lead the security incident lifecycle, including RCA, remediation, postmortem analysis, and resilience improvements.
- Mentor and coach DevOps/DevSecOps engineers across teams.
- Ensure client systems meet regulatory standards (NIST, ISO, SOC 2, PCI DSS, GDPR).
Docker, Python, Bash