Global Head of DevOps Services
Listed on 2026-07-03
-
IT/Tech
Cybersecurity, Security Manager
Global Head of Dev Sec Ops
Chubb is seeking an exceptional leader to build and scale our Dev Sec Ops function globally. You'll own the intersection of security, reliability, and developer velocity—architecting automation and enforcement mechanisms that make security invisible to developers while maintaining absolute control and visibility. This is a hands-on technical leadership role for someone who codes, influences, and drives organizational transformation.
You'll report directly to the Global Head of Engineering and own the strategic vision for security automation, deployment verification, compliance enforcement, and developer enablement across Chubb's engineering organization. You need to be well versed in AI-enabled software engineering and agentic AI Dev Sec Ops design, deployment and operations.
Key Responsibilities
- Design and implement foundational Dev Sec Ops platforms that automate security policy enforcement across CI/CD pipelines, infrastructure-as-code, container registries, and deployment systems
- Build verification systems that provide real-time evidence of compliance, vulnerability remediation, and security posture—eliminating manual audits
- Establish automation-first culture: every security control must be code-driven, testable, and self-service
- Lead technical architecture decisions for secrets management, supply chain security, and artifact signing
- AI native software engineering expert
- Make security frictionless: design tools and workflows so developers want to follow security practices
- Own the "shift left" strategy—move security testing, scanning, and validation to local development and early CI stages
- Build dashboards, APIs, and CLIs that give developers transparency into their security posture without overwhelming them
- Champion zero-friction onboarding: new engineers should inherit secure defaults with minimal training
- Code regularly in your areas of leverage
- Pair with teams on high-impact automation projects; stay in the trenches on the hardest technical problems
- Own critical-path infrastructure: build and maintain your team's CI/CD platforms, secrets systems, and policy engines
- Drive incident response for security and reliability issues; be the expert responder, not just the director
- Partner with engineering leaders to shift security ownership: security is not a gate, it's engineering culture
- Communicate transparently about risk, tradeoffs, and implementation status—especially when timelines slip or priorities conflict
- Enforce standards without being perceived as a blocker; design policies that developers will adopt voluntarily
- Build a high-impact, lean team (likely 8–15 leads) that punches well above its weight
- Own the evidence and documentation for SOC 2, ISO 27001, and regulatory audits—automate away manual compliance work
- Drive continuous verification of security controls; eliminate the painful spring audits
- Partner with Enterprise Risk and Legal on policy, but ensure the technical implementation is sound
What We're Looking For
Technical Chops
- 12+ years of software engineering and Dev Ops experience; 5+ years building or scaling security/compliance automation at significant scale (100+ engineers)
- Strong coding skills across multiple languages; comfortable shipping production code and debugging in production
- Deep hands-on knowledge of:
Kubernetes/container orchestration, CI/CD systems (Git Hub Actions, Jenkins, Ansible are a must), policy-as-code (OPA), infrastructure-as-code, secrets management - Experience designing and owning high-availability, high-observability systems that must earn trust
Leadership & Influence
- Proven track record of building and scaling engineering teams through hiring, mentorship, and technical direction
- Ability to influence without authority: cross-functional alignment with product, infra, and risk teams
- Comfort in ambiguity; can prioritize ruthlessly and say "no" to protect team capacity
- Track record of driving organizational change in security/compliance without friction
Mindset
- Automation obsessive: if it's done manually more than twice, it's a problem
- Transparency and directness: you communicate bad news early, explain tradeoffs, and own mistakes
- Developer-first…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).