DevSecOps Lead

Job summary

YipitData is seeking a DevSecOps Lead to build and scale secure software development lifecycle practices. This hands-on role involves partnering with Engineering, Platform, and Security to implement security standards and improve developer workflows.

Benefits

Qualifications

• 6+ years of experience in DevSecOps, security engineering, application security, cloud security, or DevOps
• Experience building or improving Secure SDLC, CI/CD security, or vulnerability management programs
• Understanding of Git-based workflows, CI/CD systems, cloud-native development, containers, and repository security controls
• Experience implementing or governing controls such as branch protection, code review, secrets scanning
• Ability to translate security requirements into clear standards
• Comfortable influencing stakeholders across Security, Engineering, and leadership
• Experience with GitHub Enterprise, GitHub Actions, Jenkins, or similar platforms preferred
• Experience supporting SOC 2, audit readiness, or customer assurance efforts preferred
• Familiarity with software supply chain security concepts such as SBOMs, image signing, and artifact integrity preferred

Responsibilities

• Own the roadmap for secure SDLC controls
• Develop and maintain secure development policies
• Drive adoption of key controls across repositories and pipelines
• Partner with Engineering and Product teams to integrate security guardrails
• Support vulnerability management operations
• Build reference implementations, templates, and onboarding guidance
• Define and report on metrics
• Prepare audit-ready documentation
• Evaluate and prioritize future enhancements

Skills

Relocation