Job Closed
This listing is no longer active.
We are transforming toward autonomous, stream-aligned teams with independent deployment capabilities. This role is central to that vision - establishing data architecture excellence that enables teams to move fast without creating future problems. You'll define data strategy for a growing engineering organization in healthcare technology, working directly with engineering leadership on this transformation.
Manager DevSecOps Engineer
Location
United States
Posted
57 days ago
Salary
$128K - $170K / year
Seniority
Lead
Job Description
Manager DevSecOps Engineer
DSC Resources
Role Description The Manager, DevSecOps is responsible for leading the DevSecOps function and driving the adoption of secure, scalable, and efficient software delivery practices across the organization. This role will manage a team of DevSecOps engineers and work closely with Engineering, Security, Infrastructure, SRE, and Product teams to embed security, automation, and operational excellence throughout the software development lifecycle. This leader will play a key role in advancing CI/CD maturity, strengthening cloud security and compliance, improving developer experience, and enabling platform engineering capabilities that support standardization, self-service, and faster delivery. Key Responsibilities - Team Leadership and Management - Lead, mentor, and develop a team of DevSecOps engineers. - Set team priorities, assign work, and ensure accountability for deliverables and outcomes. - Build a high-performing team culture focused on ownership, collaboration, continuous improvement, and execution excellence. - Support hiring, onboarding, coaching, and performance management for the DevSecOps team. - DevSecOps Strategy and Execution - Drive the implementation and continuous improvement of DevSecOps practices across the organization. - Lead efforts to design, standardize, and support secure CI/CD pipelines, release automation, and deployment frameworks. - Promote shift-left security by integrating security controls and compliance checks into the software development lifecycle. - Establish and maintain standards for infrastructure as code, automation, and secure delivery practices. - Cloud Security, Governance, and Compliance - Partner with Security and Cloud teams to implement cloud security guardrails, policy enforcement, and compliance controls. - Help ensure alignment with regulatory and compliance requirements, including healthcare and enterprise security standards where applicable. - Oversee remediation of security findings related to infrastructure, CI/CD, containers, and cloud platforms. - Drive security awareness and secure engineering practices across teams. - Observability, Reliability, and Operational Excellence - Collaborate with SRE and Infrastructure teams to improve observability, monitoring, alerting, and operational readiness. - Support the use of logs, metrics, traces, and dashboards to improve service visibility and reduce operational risk. - Ensure DevSecOps practices support reliability goals, incident response readiness, and operational maturity. - Platform Engineering and Developer Experience - Support platform engineering initiatives that improve developer productivity and self-service capabilities. - Contribute to the development of internal developer platforms and standardized tooling that simplify infrastructure and application delivery. - Drive improvements in developer experience by reducing friction in provisioning, deployment, and operational workflows. - Promote the use of tools and frameworks such as Backstage, Crossplane, and GitOps-based models where appropriate. - Cost Optimization and Efficiency - Partner with Cloud and Finance stakeholders to promote cost-aware engineering practices and cloud optimization. - Identify opportunities to improve resource utilization, standardization, and automation to reduce unnecessary spend. - Support governance processes that align engineering velocity with operational and financial discipline. - Cross-Functional Partnership - Work closely with Engineering, Product, Security, Infrastructure, SRE, and leadership teams to align priorities and execution. - Communicate plans, progress, risks, and dependencies clearly to both technical and non-technical stakeholders. - Serve as a trusted partner in driving enterprise-wide DevSecOps and platform engineering initiatives. Qualifications - Bachelor’s degree in computer science, Engineering, Information Technology, or a related field; equivalent experience may be considered. - 10+ years of experience in DevOps, DevSecOps, Cloud Engineering, Site Reliability Engineering, or related disciplines. - 3+ years of experience leading or managing technical teams in DevOps, DevSecOps, Platform Engineering, or Infrastructure. - Strong experience with CI/CD tools and practices, including pipeline automation and release management. - Hands-on experience with cloud platforms, preferably AWS, including infrastructure, security, and automation services. - Strong knowledge of Infrastructure as Code tools such as Terraform, CloudFormation, Pulumi, or similar technologies. - Experience with containers and orchestration platforms such as Docker and Kubernetes. - Solid understanding of application and cloud security practices, including SAST, SCA, secrets management, container security, and policy enforcement. - Experience working with observability and monitoring platforms such as New Relic, Prometheus, Grafana, OpenTelemetry, or CloudWatch. - Strong communication, leadership, and stakeholder management skills. Preferred Qualifications - Experience in healthcare, regulated industries, or enterprise SaaS environments. - Exposure to platform engineering and Internal Developer Platform concepts. - Experience with tools such as Backstage, Crossplane, ArgoCD, GitHub Actions, Jenkins, SonarQube, Artifactory, or similar platforms. - Familiarity with FinOps practices and cloud cost governance. - Knowledge of DORA metrics and engineering performance measurement. - Experience with database or data platform environments such as MongoDB, Elasticsearch, SQL Server, or Oracle. - Relevant certifications such as AWS Solutions Architect, AWS Security Specialty, CKA, CKAD, or FinOps certifications. Benefits - Estimated Salary: $128,000 - $170,000 plus bonus
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description This position may be filled as a Level I, II, or III based on additional responsibilities and qualifications required. The responsibility of this position includes serving as a cybersecurity infrastructure engineer in the enterprise Cybersecurity Operations team. This position serves as a systems engineer responsible for the implementation, maintenance, analysis, and reporting of the enterprise cybersecurity related systems utilized by the IT department using a comprehensive security knowledge of Endpoint, Server, IOT, IT Security Management Platforms, LAN and WAN technologies. Responsibilities - Responsible for the monitoring and support of all Intrusion Detection/Intrusion Prevention Systems within the organization. - Conduct security monitoring and tuning recommendations for all Next Generation Firewall Systems, Routing and Switching infrastructure. - Monitor and manage enterprise logging and vulnerability management systems. - Assist management in the planning and implementation of a defense in depth program. - Serve as a liaison between the IT department and Information Security/Audit departments. - Responsible for monitoring and tuning recommendations for enterprise endpoint detection response and network detection response systems. - Provides 24x7x365 support operations for all security monitoring infrastructure. - Serve as a member of the Security Operations Center and provide daily support. - Perform additional duties as assigned. Qualifications - At least 1-4 years of experience in network infrastructure and security. - Demonstrated experience in the daily implementation, support, and auditing of networks, operating systems, and applications. - Solid understanding of how to implement vulnerability remediation technologies. - Proven experience in: - Security incident response - Intrusion Detection and Prevention - Next Generation Firewall - Penetration testing techniques and tools - Using project management methodologies - Firewalls, proxies, virus protection and remediation - Experience in routing and switching environments and routing protocols. - Working knowledge of network infrastructure components. - Knowledge of operating systems including Windows, UNIX, and Linux. - Understanding of Patch Management processes and procedures. - Administrative and security expertise in the implementation and support of network infrastructure. - CCNP, CCIE, GIAC, CISSP or other network and security certifications preferred. - Network Infrastructure and Security Experience in the Financial Industry preferred. - Experience with SIEM technology – Splunk preferred. - Experience with NGFW and NGFW Management Platforms – Fortinet FortiManager, Fortinet FortiAnalyzer preferred. - Experience with Vulnerability Management Platforms – Rapid7 preferred. Requirements - At least 5-7 years of experience in network infrastructure and security (Level II). - System administration experience in a large production environment (500+ Servers, 200+ routers, 5000 devices). - Experience in the daily implementation, support, and auditing of networks, operating systems, and applications based on best practices. - Experience with implementing vulnerability remediation technologies. - Bachelor of Science degree preferred (Level II). Benefits - At least 8-10 years of experience in network infrastructure and security (Level III). - Ability to work in a heterogeneous computing environment. - Bachelor of Science degree preferred (Level III). Physical Requirements/Working Conditions - Must be able to sit for long periods of time and use computer keyboard and/or mouse, while viewing computer screens.
Staff Product Manager – AI Security, Data Access Governance, DLP
DropboxDropbox is the one place to keep life organized and keep work moving.
• Build next-generation security products – Shape and deliver innovative solutions by integrating Nira’s governance capabilities into Dropbox and driving a standalone security offering for the broader market. • Lead an AI-driven roadmap – Define and launch intelligent features that use AI and automation to streamline access control, enforce real-time DLP, and proactively detect security risks. • Expand Dropbox’s impact in the market – Identify opportunities in the SMB and mid-market security space, craft a clear product vision, and accelerate adoption with a differentiated value proposition. • Deliver breakthrough product experiences – Partner with engineering and design to launch automated access reviews, AI-powered security insights, and compliance workflows that raise the bar on security. • Turn insights into action – Work directly with customers to uncover their toughest data governance and AI security challenges, and translate those needs into high-impact product features. • Drive seamless execution – Collaborate across engineering, security, compliance, and go-to-market teams to launch products that meet global standards (SOC 2, ISO 27001, GDPR, etc.) and delight customers.
Information Security Intern
Center for Internet SecurityLeading the global community to secure our ever-changing connected world.
• Perform security assessments, control effectiveness review, and cyber incident response • Build and write scripts/queries to assess the security posture of CIS infrastructure • Provide regular reporting on the status of the information security program to senior staff • Ensure continued compliance of the security and privacy programs with all applicable laws and regulations • Assist with security incidents and events to protect corporate information assets, including IP, data, and company reputation • Develop and monitor continuous audit and assessment practices; Support the implementation and maintenance of current laws, regulations, and industry best practices • Maintain a current understanding of the Cyber threat landscape • Communicate best practices and risks across the organization • Assist with internal Phishing engagements and vulnerability management • Other tasks and responsibilities as assigned
• Lead major cybersecurity incidents from detection through containment, eradication, recovery, and post-incident review; including participating in on-call rotation. • Serve as the top escalation point for complex, high-severity incidents, ensuring rapid and effective resolution. • Develop, maintain, and optimize incident response playbooks, runbooks, and escalation procedures. • Oversee enterprise-wide monitoring of networks, cloud, and endpoints for threats, vulnerabilities, and anomalous activity. • Advance detection capabilities using EDR, SIEM, and behavioral analytics aligned with MITRE ATT&CK. • Act as subject matter expert on EDR and SIEM. • Design and implement automation frameworks (Python, PowerShell, AWS Lambda) to streamline response workflows and reduce manual effort. • Integrate AI/ML models into security monitoring and response processes for enhanced detection accuracy and prioritization. • Conduct forensic investigations and threat hunting to identify root causes and emerging threat patterns. • Collaborate cross-functionally with infrastructure, application, and network teams to enforce secure configurations and compliance. • Mentor and guide incident response analysts, fostering technical growth and operational excellence. • Communicate effectively with executives and technical teams during and after incidents, producing clear reports and recommendations. • Drive continuous improvement in detection, response, and prevention strategies to strengthen enterprise security posture.
