DevOps Specialist

Role Summary

DevSecOps Lead

DevSecOps Lead

Required Technical Expertise

• Deep hands-on experience with CI/CD tools (e.g., Jenkins, GitHub Actions, GitLab CI).
• Strong scripting and automation skills (Python, Bash, PowerShell).
• Experience with Infrastructure as Code.
• Containerization & orchestration (Docker, Kubernetes).
• Experience implementing DevSecOps controls and security scanning tools (SonarQube, Fortify, etc.).
• Cloud-native architecture knowledge (AWS/Azure).
• Experience with API gateway integrations and microservices architectures.
• Strong understanding of branching strategies and Git workflows.

Leadership & Behavioral Competencies

• Ability to operate at both strategic and hands-on technical levels.
• Strong stakeholder management and executive communication skills.
• Experience working within large-scale Agile/SAFe environments.
• Proven ability to influence cross-functional teams without direct authority.
• Strong problem-solving and systems-thinking mindset.
• Ability to drive cultural transformation toward DevSecOps adoption.

Preferred Qualifications

• SAFe DevOps certification
• AWS/Azure Architect certifications
• CISSP / Security certifications (desirable)
• Experience in Digital, eCommerce, or Airline/Travel platforms (preferred)

1. DevSecOps Strategy & Architecture

• Define and implement an end-to-end DevSecOps strategy aligned with Agile Release Train delivery.
• Architect and standardize CI/CD pipelines across multiple digital products and platforms.
• Establish DevSecOps governance, controls, and best practices across teams.
• Embed security controls (Shift Left) within development and deployment pipelines.

2. CI/CD & Release Automation

• Design and implement automated build, test, security scan, and deployment pipelines.
• Integrate automated unit, integration, regression, performance, and security testing into CI/CD workflows.
• Enable environment provisioning through Infrastructure as Code (IaC).
• Drive release orchestration, version control, branching strategies, and rollback mechanisms.
• Optimize deployment frequency while ensuring reliability and compliance.

3. Security & Compliance Integration

• Implement SAST, DAST, SCA, container security, and secrets management in pipelines.
• Ensure secure API lifecycle management.
• Establish DevSecOps metrics and compliance reporting dashboards.
• Collaborate with InfoSec and Risk teams to align with regulatory and enterprise security standards.

4. Cloud & Infrastructure Enablement

• Lead automation across cloud environments (AWS/Azure/GCP).
• Implement containerization and orchestration strategies (Docker, Kubernetes).
• Optimize scalability, resilience, and cost-efficiency of environments.
• Establish monitoring, observability, and logging frameworks.

5. Stakeholder & Program Leadership

• Act as the primary DevSecOps SME across Business and Technology.
• Collaborate with Enterprise Architects to align pipelines with long-term architecture vision.
• Engage senior business stakeholders to communicate risks, trade-offs, and roadmap priorities.
• Lead cross-functional teams and mentor DevOps engineers.