DevSecOps Team Lead

About the role

This high‑impact leadership opportunity is for an experienced DevSecOps professional who is passionate about building secure, scalable, and automation‑driven cloud environments. You will lead a team that embeds security into every stage of the software development lifecycle while enabling rapid, safe innovation across distributed engineering groups.

Key responsibilities

• Lead, mentor and grow a team of DevSecOps engineers, fostering a culture of collaboration, ownership and continuous improvement.
• Define and execute the DevSecOps roadmap, aligning security initiatives with engineering and business objectives.
• Partner with Engineering and Product teams to integrate security requirements early in the product lifecycle.
• Oversee implementation of Policy‑as‑Code frameworks and automated compliance controls using OPA or Kyverno across cloud and Kubernetes environments.
• Design and govern secure cloud architectures based on Zero Trust, identity‑based access management and container security best practices.
• Manage security tooling and vendor relationships to optimise coverage, scalability and efficiency.
• Establish and monitor security metrics such as MTTR, vulnerability remediation trends and detection accuracy.
• Serve as senior escalation point during security incidents, leading root‑cause analysis and blameless post‑mortems.

Required profile

• 6+ years of experience in Security, DevOps, Infrastructure or related cloud engineering roles.
• At least 2 years of leadership experience managing or mentoring technical teams in DevSecOps, Security Engineering or Platform Engineering.
• Strong understanding of secure cloud architecture, Zero Trust principles and container security.
• Proven ability to influence organisational security maturity and drive cross‑functional collaboration.

Required skills

• Infrastructure‑as‑Code tools: Terraform / OpenTofu, Ansible.
• CI/CD platforms: GitHub Actions, GitLab CI.
• Policy‑as‑Code: OPA, Kyverno.
• Kubernetes security: RBAC, network policies, admission controllers.
• Zero Trust architecture, identity‑based access management.
• Container security best practices.