DevSecOps Lead
Remote
US Time Zone
Full Time
About the Role
You will design, implement, and support agile processes
leveraged by a number of applications hosted in our environments.
• Proven experience as a DevSecOps Engineer or in a similar security-focused role within an Agile
environment.
• Strong understanding of Agile development methodologies, including Scrum or Kanban, and
experience working in Agile teams.
• In-depth technical expertise in DevSecOps techniques, continuous integration; continuous testing; and continuous deployment across environments
• Experience in leading DevSecOps CI tools such as Jenkins, Azure DevOps, Maven/Gradle, GIT,
Nexus, Ansible), along with hands on experience implementing CI with test automation and code
scanning (Sonarqube) integrated as part of the build cycles
• Proficiency in scripting languages to automate tasks.
• Experience with the Microsoft Azure stack of technologies, including Data Factory components such as Data Pipes, Function Apps, and SQL.
• Positive, enthusiastic attitude with great teamwork and interpersonal, relationship building, facilitation and communication skills, reflecting the ability to interact with cross department groups
• Certified SCRUM and/or SAFe practitioner preferred
Collaborate with Agile development teams to design, implement, and maintain a secure software development lifecycle aligned with Agile principles.
• Integrate security best practices into CI/CD pipelines, including code scanning, static analysis, and
vulnerability assessments, to ensure secure and rapid application delivery.
• Actively participate in Agile ceremonies, such as sprint planning, stand-ups, and retrospectives, to align DevSecOps efforts with development goals.
• Produce metrics and dashboards to provide qualitative and quantitative measures of quality, security, accessibility, and progress.
• Advocate for software engineering practices such as unit testing, code reviews, full build testing, quality engineering practices and requirements capturing techniques to the teams to improve end-to-end secure delivery practices.
• Identity and implement automation that will improve the performance and reliability of the pipelines including scripting, integration, problem resolution, and configuration management.
• Partner with development and operations teams to facilitate practical automation solutions and custom modules. Troubleshoot automation issues and when required, engage the resources to find practical solutions that move projects forward in a timely manner.
• Be a trusted automation and tooling advisor for DevSecOps initiatives by providing objective, practical and relevant ideas, insights, and advice.
• Assist application teams with onboarding to the adopted security tools/technologies.
• Be active in evaluating and recommending new technologies.
Abide by the policies, procedures, and Code of Conduct of the company.
• Handle personal information (“PI”) that pertains to any individual (e.g., leads, dealers, employees, job applicants, etc.) in accordance with FordDirect’s Privacy Policy and public facing privacy statements on FordDirect managed websites.
• Complete any required training.
• Promptly report any known or suspected loss, theft or unauthorized disclosure or use of PI to the
General Counsel/Chief Compliance Officer or Chief Information Officer.
• Adhere to the company’s compliance program.