Principal DevSecOps Engineer

Principal DevSecOps Engineer

Job Overview

The Principal DevSecOps Engineer will serve as a senior technical leader within the DevSecOps Center of Excellence (CoE), driving automation, security, observability, and cost optimization across the enterprise.

Key Responsibilities

• Technical Leadership & CoE Governance

+ Act as the technical lead for the DevSecOps CoE, driving strategy and execution of security, automation, and observability practices. + Design and maintain reusable CI/CD frameworks, IaC modules, and security guardrails for consistent adoption across all product lines. + Define, document, and enforce DevSecOps standards, policies, and best practices. + Mentor embedded DevSecOps engineers and provide guidance on pipeline design, automation, cost optimization and compliance.

• CI/CD Architecture & Automation

+ Architect and optimize CI/CD pipelines (GitHub Actions, GitLab CI, ArgoCD, Jenkins, Artifactory, Veracode) to enable frequent, secure deployments. + Integrate SAST, SCA, DAST, and container scanning into delivery workflows. + Establish GitOps practices using Terraform, Pulumi, or Crossplane for infrastructure provisioning. + Track and drive improvements in DORA metrics (deployment frequency, lead time, MTTR, change failure rate).

• Security, Compliance & Observability

+ Implement “shift-left” security by embedding security testing and compliance automation into pipelines. + Partner with Security and SRE teams to enforce SLIs, SLOs, and error budgets in delivery pipelines. + Advance unified observability initiatives by integrating New Relic, Datadog, Prometheus, Grafana, OpenTelemetry, and CloudWatch into pipelines. + Ensure compliance with HIPAA, SOC2, GDPR, and internal governance frameworks.

• FinOps & Cost Governance

+ Build cost-awareness into CI/CD and IaC workflows by embedding FinOps checks and cost gates. + Collaborate with FinOps and Cloud teams to enforce cost optimization