Devsecops

Role: DevSecOps Lead – Insurtech (Azure)

Role Summary

Join a growing team of hands‑on architects building modern Insurtech, AI‑driven solutions. The DevSecOps Lead owns the DevSecOps practice across the insurance ecosystem, defining strategy, standards, and best practices while mentoring engineering teams. The role blends deep technical expertise with leadership to drive DevOps maturity, security automation, operational excellence, and cultural transformation, with Microsoft Azure as the primary platform.

Key Responsibilities

DevSecOps Strategy & Leadership

• Define and execute the DevSecOps strategy and roadmap aligned to business goals, digital transformation, cloud adoption, and efficiency.
• Establish a DevOps maturity model, target state, and improvement plans; drive cultural change around collaboration, automation, and continuous improvement.
• Define metrics and KPIs (including DORA metrics) and regularly communicate progress, ROI, and risk mitigation to leadership.
  
  

Enterprise CI/CD & Platform Architecture

• Lead design and implementation of enterprise‑scale CI/CD platforms and toolchains for many applications and teams.
• Architect multi‑tenant pipelines with self‑service capabilities, governance, and cost control.
• Standardize pipelines, templates, and reusable components; design multi‑environment deployment and GitOps practices.
  
  

Standards, Automation & Infrastructure

• Establish DevOps standards for pipeline design, IaC, containerization, security integration, monitoring, and incident response.
• Provide reference architectures for microservices, data pipelines, and legacy integration.
• Drive automation across build, test, deploy, infra management and operations; lead Infrastructure as Code with Terraform and policy validation.
• Architect multi‑cloud (Azure primary, AWS/GCP when needed) and Kubernetes platforms at scale (cluster design, multi‑tenancy, service mesh).
  
  

Security Integration (DevSecOps) & SRE

• Embed security throughout SDLC (shift‑left), integrating SAST, DAST, SCA, container and infra scanning into pipelines.
• Implement security as code using policy engines (e.g., OPA, Kyverno), secrets management, and vulnerability management with dashboards.
• Establish SRE practices: define SLOs/SLIs, error budgets, observability (metrics, logs, traces), incident response and on‑call processes, chaos engineering, capacity planning, and automated remediation.
  
  

Leadership, Collaboration & Governance

• Build and lead high‑performing DevSecOps/SRE/platform teams, mentoring engineers and running trainings and communities of practice.
• Evaluate and manage DevOps tools and vendors, run PoCs, manage licenses, and govern lifecycle of tools.
• Ensure DevOps practices comply with GDPR, CCPA, PCI‑DSS, SOC 2 and insurance regulations, including audit trails and cost governance.
• Collaborate with architects, security, development and business leaders; represent DevSecOps in governance forums; support hiring for DevOps/SRE talent.
  
  

Required Skills

• DevOps Leadership: DevOps culture, strategy/roadmap, change management, influence across orgs.
• Advanced CI/CD: Enterprise pipeline architecture, multi‑env deployments, GitOps (ArgoCD/Flux), blue‑green, canary, progressive delivery.
• Infrastructure & Cloud: Advanced IaC (Terraform), multi‑cloud (Azure, AWS, GCP), Kubernetes at scale, hybrid connectivity.
• Security & Compliance: DevSecOps, shift‑left, SAST/DAST/SCA, policy‑as‑code (OPA/Kyverno), secrets/vulnerability management, regulatory frameworks.
• Site Reliability Engineering: SLO/SLI, observability, incident response, chaos engineering, capacity & cost optimization, auto‑remediation.
• Platform Engineering: Internal developer platform, self‑service infra, platform as product, strong developer experience.
• Tools: Azure DevOps, GitHub Actions/GitLab, Terraform, Kubernetes, Docker, Helm, Azure services, Prometheus/Grafana/Azure Monitor, security scanning tools.
  
  

Required Experience

• 8+ years in DevOps/SRE/infra engineering with 3+ years in technical leadership/management.
• Proven experience building DevOps practices from scratch: strategy, standards, platforms and teams.
• Experience leading enterprise CI/CD platforms for large application portfolios and driving DevOps cultural adoption.
• Track record with SRE practices, observability, and improved reliability metrics.
• Experience in insurance or financial services, with understanding of regulatory and compliance needs.
• Demonstrated ability to recruit, mentor, and grow high‑performing technical teams.
  
  

Preferred Certifications

• Must‑have / strong plus: Microsoft Certified: DevOps Engineer Expert (AZ‑400), Azure Solutions Architect Expert (AZ‑305).
• Good additions: AWS DevOps Engineer – Professional, CKA/CKS, HashiCorp Terraform – Professional, CISSP (for security emphasis).

Skills Required
DAST, Helm, Docker, Microsoft Azure, Kubernetes, Terraform, Gitlab, Grafana, Prometheus, SCA, SAST, Azure Devops, DevSecOps