Platform Technical Lead - DevSecOps

About The Position

Requirements

• Minimum of 8 years of experience in DevOps, software development, or cybersecurity, with strong mentorship leadership mindset.
• Strong knowledge of DevOps principles, practices, and tools, including CI/CD pipelines, configuration management, and container orchestration.
• Excellent hands-on experience and solution architecture mindset with DevSecOps tools such as Azure DevOps, GitHub, Artifactory SonarQube, Fortify Static Application Security Testing (SAST), Fortify Dynamic Application Security Testing (DAST) and MEND - Software Composition Analysis (SCA).
• Strong hands-on experience with scripting languages like PowerShell, Bash, Python, groovy etc and APIs.
• Proficiency in cloud computing platforms such as Azure, AWS, GCP and infrastructure as code (IAC) tools (e.g., Terraform, Ansible).
• Solid understanding of software development methodologies (e.g., Agile, Scrum, Kanban) and version control systems (e.g., Git, SVN).
• Excellent leadership, communication, and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and stakeholders.
• Ability to collaborate effectively with developers, operations teams, and security professionals.
• Strong analytical and problem-solving skills to identify and resolve DevSecOps related issues.
• Working knowledge of defining KPIs to measure DevSecOps Success

Nice To Haves

• Master’s degree preferred.

Responsibilities

• Platform Design and Architecture: Design and architect the DevSecOps platforms to meet the organization's scalability, performance, and security requirements. Conducts technology evaluations and re-engineering activities to support strategy definition and continuous improvement activities.
• Toolchain Integration: Integrate and manage a suite of DevSecOps tools, including source code repositories, continuous integration/continuous deployment (CI/CD) pipelines, automated testing, and security scanning tools.
• Reporting Automation: Implement automated Key Performance Indicators (KPIs) to measure and report DevSecOps platform utilization against agreed SDLC standards to provide DevOps maturity and Security posture.
• Policy and Compliance Management: Establish and enforce DevSecOps policies, standards, and best practices to ensure compliance with industry regulations and organizational security policies.
• Technical Leadership and Mentorship: Lead and mentor a team of DevSecOps engineers globally, providing technical guidance, training, and support to foster a culture of continuous learning and improvement.
• Collaboration: Collaborate with cross-functional teams, including developers, operations, security, and business stakeholders, to promote collaboration and alignment across the organization.
• Monitoring and Incident Response: Monitor the DevSecOps platform for security incidents and anomalies, and lead incident response efforts to mitigate risks and ensure the integrity of the platforms.

Benefits

• Hybrid Working – a mix of working from home and in the office
• 22 weeks of paid leave for family growth, with 12 weeks available to all parents on a gender-equal basis
• Competitive 401(k) program with company match up to 8%
• Well-being program including holistic wellbeing coaching, gym membership, confidential counselling, financial and legal advice
• Tuition Reimbursement for professional certifications, and continuing education
• Employee Network and Community – QBE actively supports six Employee Networks, and many ways to give back to your community