Principal DevSecOps Engineer

The Principal Dev Sec Ops  Engineer will serve as a senior technical leader within the Dev Sec Ops  Center of Excellence (CoE), driving automation, security, observability, and cost optimization across the enterprise. This role operates at the CoE level—establishing global standards, frameworks, reusable automation modules, and governance that enable consistent and secure software delivery at scale.

This individual will act as a technical authority, mentor, and cross‑functional collaborator, ensuring that Dev Sec Ops  best practices are applied across CI/CD pipelines, infrastructure‑as‑code (IaC), cloud security, and Fin Ops. The role requires strong hands‑on expertise in Dev Sec Ops  tooling, a deep understanding of modern cloud‑native architectures, and the ability to influence product teams through thought leadership, frameworks, and reusable solutions.

• Act as the technical lead for the Dev Sec Ops  CoE, driving strategy and execution of security, automation, and observability practices.
• Design and maintain reusable CI/CD frameworks, IaC modules, and security guardrails for consistent adoption across all product lines.
• Define, document, and enforce Dev Sec Ops  standards, policies, and best practices.
• Mentor embedded Dev Sec Ops  engineers and provide guidance on pipeline design, automation, cost optimization, and compliance.

• Architect and optimize CI/CD pipelines (Git Hub Actions, Git Lab CI, ArgoCD, Jenkins, Artifactory, Veracode) to enable frequent, secure deployments.
• Integrate SAST, SCA, DAST, and container scanning into delivery workflows.
• Establish Git Ops practices using Terraform, Pulumi, or Crossplane for infrastructure provisioning.
• Track and drive improvements in DORA metrics (deployment frequency, lead time, MTTR, change failure rate).

• Implement “shift‑left” security by embedding security testing and compliance automation into pipelines.
• Partner with Security and SRE teams to enforce SLIs, SLOs, and error budgets in delivery pipelines.
• Advance unified observability initiatives by integrating New Relic, Datadog, Prometheus, Grafana, Open Telemetry, and Cloud Watch into pipelines.
• Ensure compliance with HIPAA, SOC2, GDPR, and internal governance frameworks.

• Build cost‑awareness into CI/CD and IaC workflows by embedding Fin Ops checks and cost gates.
• Collaborate with Fin Ops and Cloud teams to enforce cost tagging, rightsizing, and efficiency standards.
• Provide insights and automation for cloud cost optimization across AWS services (EKS, ECS, EC2, S3, RDS, containers).

• Partner with Engineering, Product, SRE, and Security leaders to align on standards and frameworks.
• Drive knowledge sharing and enablement through playbooks, templates, documentation, and internal CoP (Community of Practice) sessions.
• Act as the escalation point for complex Dev Sec Ops  technical challenges across teams.

• 15+ years in Dev Ops, Cloud, or Security Engineering, with expert‑level technical leadership in Dev Sec Ops .
• Strong expertise in CI/CD pipeline design, automation, and governance.
• Hands‑on with CI/CD tools:
  Git Hub Actions, Git Lab CI, ArgoCD, Artifactory, Jenkins, Veracode, Sonar Qube.
• Deep experience with cloud security and AWS services (IAM, KMS, Guard Duty, Security Hub, Cloud Trail).
• Proficiency in containers & orchestration (Docker, Kubernetes, EKS, ECS).
• Strong hands‑on with Infrastructure‑as‑Code and Git Ops (Terraform, Pulumi, Crossplane, Cloud Formation).
• Familiarity with observability platforms (New Relic, Datadog, Prometheus, Grafana, Open Telemetry, Cloud Watch).
• Programming/scripting expertise in Python, Go, C#, and shell scripting.
• Knowledge of DORA metrics and proven success in improving delivery performance.
• Practical experience with Fin Ops practices and cost governance.

• Experience in large‑scale SaaS or healthcare environments.
• Knowledge of databases:
  Mongo
  
  DB, Elasticsearch, SQL Server, Oracle.
• Certifications:
  
  AWS Security Specialty, CKA/CKAD, Fin Ops Certified Practitioner, CISSP, CCSP.
• S…