The Sr. Manager of DevSecOps is a high-level security position which will help enable H-E-B’s DevSecOps journey. This position reports to and performs tasks under the direction of the Director of Information Security. This is a hands-on management position which requires advanced technical skills, as well as management abilities. The role will coordinate the efforts of the Information Security Office with H-E-B’s Digital organization and other business areas. Direct reports will include Security Engineers and Security Architects. Additionally, the Sr. Manager of DevSecOps will be responsible for managing contract and service provider personnel.
- Lead and work as part of a team of software and security engineers, with a high degree of freedom to design and build best-in-class offerings
- Build tools and automation scripts that enable developers to easily consume security services delivered by the AppSec team
- Enforce standard methodologies, processes and tools and ensure compliance to enterprise architecture, global information security policies and overall company strategy
- Partner with H-E-B Digital Delivery teams to define, implement and operate a platform support model that leverages DevSecOps principles
- Design and test solutions to unique and interesting challenges, including Negative testing and Fuzz testing
- Serve as an escalation point for H-E-B Digital support teams. Identify appropriate resolution to achieve stakeholder satisfaction in a timely manner.
- Point of contact for product teams as it relates to automation, CI/CD, DevOps and/or DevSecOps
- Improve the accessibility confidentiality, integrity, and accessibility of H-E-B’s security through automation and continuous integration (CI/CD) pipelines
- Oversee a team of security engineers who safeguard the H-E-B-s assets, intellectual property, information systems and the physical security of H-E-B data centers and control facilities.
- Facilitate challenging conversations where IT standards and business demands conflict to agree pragmatic solutions.
- Knowledge of secure development and operational principles of DevSecOps
- Deep understanding of SDLC, Agile methodologies, values, and procedures.
- 5 years’ experience managing a DevSecOps team or similar.
- Experience with AWS, GCP, or Azure cloud security patterns and controls
- 8+ years of Software Development experience, with emphasis on Security.
- Strong knowledge and experience with application development and support
- Experience with implementing and maintaining CI/CD pipelines
- Background in application security, penetration testing, secure code development, and Agile software development
- Agile project management experience with firm understanding of metrics and reporting
- Experience building and implementing strategic roadmaps (multiyear plans)
Vacancy Type: Full Time
Job Location: Cibolo, TX, US
Application Deadline: N/A