Principal DevSecOps Engineer
Listed on 2026-01-12
IT/Tech
Cloud Computing, Systems Engineer, Cybersecurity, IT Project Manager
The Principal DevSecOps Engineer will serve as a senior technical leader within the DevSecOps Center of Excellence (CoE), driving automation, security, observability, and cost optimization across the enterprise. This role operates at the CoE level, establishing global standards, frameworks, reusable automation modules, and governance that enable consistent and secure software delivery at scale.
This individual will act as a technical authority, mentor, and cross‑functional collaborator, ensuring that DevSecOps best practices are applied across CI/CD pipelines, infrastructure‑as‑code (IaC), cloud security, and FinOps. The role requires strong hands‑on expertise in DevSecOps tooling, a deep understanding of modern cloud‑native architectures, and the ability to influence product teams through thought leadership, frameworks, and reusable solutions.
Key Responsibilities
Technical Leadership & CoE Governance
- Act as the technical lead for the DevSecOps CoE, driving strategy and execution of security, automation, and observability practices.
- Design and maintain reusable CI/CD frameworks, IaC modules, and security guardrails for consistent adoption across all product lines.
- Define, document, and enforce DevSecOps standards, policies, and best practices.
- Mentor embedded DevSecOps engineers and provide guidance on pipeline design, automation, cost optimization and compliance.
- Architect and optimize CI/CD pipelines (GitHub Actions, GitLab CI, ArgoCD, Jenkins, Artifactory, Veracode) to enable frequent, secure deployments.
- Integrate SAST, SCA, DAST, and container scanning into delivery workflows.
- Establish GitOps practices using Terraform, Pulumi or Crossplane for infrastructure provisioning.
- Track and drive improvements in DORA metrics (deployment frequency, lead time, MTTR, change failure rate).
- Implement "shift-left" security by embedding security testing and compliance automation into pipelines.
- Partner with Security and SRE teams to enforce SLIs, SLOs, and error budgets in delivery pipelines.
- Advance unified observability initiatives by integrating New Relic, Datadog, Prometheus, Grafana, OpenTelemetry, and CloudWatch into pipelines.
- Ensure compliance with HIPAA, SOC2, GDPR, and internal governance frameworks.
- Build cost-awareness into CI/CD and IaC workflows by embedding FinOps checks and cost gates.
- Collaborate with FinOps and Cloud teams to enforce cost tagging, rightsizing, and efficiency standards.
- Provide insights and automation for cloud cost optimization across AWS services (EKS, ECS, EC2, S3, RDS, containers).
- Partner with Engineering, Product, SRE, and Security leaders to align on standards and frameworks.
- Drive knowledge sharing and enablement through playbooks, templates, documentation, and internal CoP (Community of Practice) sessions.
- Act as the escalation point for complex DevSecOps technical challenges across teams.
- 15+ years in DevOps, Cloud, or Security Engineering, with expert‑level technical leadership in DevSecOps.
- Strong expertise in CI/CD pipeline design, automation, and governance.
- Hands‑on with CI/CD tools: GitHub Actions, GitLab CI, ArgoCD, Artifactory, Jenkins, Veracode, SonarQube.
- Deep experience with cloud security and AWS services (IAM, KMS, GuardDuty, Security Hub, CloudTrail).
- Proficiency in containers & orchestration (Docker, Kubernetes, EKS, ECS).
- Strong hands‑on with Infrastructure‑as‑Code and GitOps (Terraform, Pulumi, Crossplane, CloudFormation).
- Familiarity with observability platforms (New Relic, Datadog, Prometheus, Grafana, OpenTelemetry, CloudWatch).
- Programming/scripting expertise in Python, Go, C#, and shell scripting.
- Knowledge of DORA metrics and proven success in improving delivery performance.
- Practical experience with FinOps practices and cost governance.
- Experience in large‑scale SaaS or healthcare environments.
- Knowledge of databases: MongoDB, Elasticsearch, SQL Server, Oracle.
- Certifications: AWS Security Specialty, CKA/CKAD, FinOps Certified Practitioner, CISSP,…