DevSecops Lead
Congregate Technologies
40 LPA
Location: Hyderabad
Posted: January 22, 2026
Posted By: System Administrator
Job Description
Job Details:
We are seeking a highly skilled and results-oriented DevSecOps Lead to strengthen application security across a SaaS platform. This is a senior individual contributor role responsible for owning the design, implementation, and ongoing maturity of a DevSecOps program across engineering teams and business units.
In this role, you will embed security early and consistently into the software development lifecycle by integrating automated security controls directly into CI/CD pipelines. You will define and enforce secure coding standards, remediation SLAs, and guardrails that balance strong risk reduction with efficient delivery. Acting as a trusted technical authority, you will partner closely with Engineering, Cloud Infrastructure, Security, and Architecture teams to align tooling, workflows, and standards across a complex, distributed environment.
The DevSecOps Lead operates with a high degree of autonomy and accountability, owning outcomes rather than tasks. You will measure and report on SDLC security posture, maturity, and progress, translating technical findings into clear insights for security leadership and executive stakeholders. While this role does not have people management responsibility, it carries significant influence and enterprise impact through standards ownership, cross-functional coordination, and technical leadership.
Success Profile:
This role is anchored in our company’s core competencies—These competencies reflect the mindsets and behaviors that define success in this role. We outline how each competency translates into real-world actions and outcomes specific to this role.
Ownership
Owns the design, implementation, and ongoing operation of a DevSecOps program, embedding security controls directly into CI/CD pipelines.
Defines secure coding standards, remediation SLAs, and enforcement gates, ensuring consistent adoption across engineering teams.
Serves as the accountable owner for SDLC security posture, coordinating with engineering, cloud, and security stakeholders to resolve risk.
Communicates security posture, risks, and progress clearly to the CISO and executive leadership.
Drives Efficiency
Integrates automated SAST, DAST, SCA, IaC, container, and secrets scanning into development workflows to reduce manual effort and friction.
Designs and maintains scalable “golden path” pipelines with standardized guardrails, enabling teams to ship securely by default.
Establishes policy-as-code, admission controls, and branch protections to ensure repeatable, low-touch enforcement.
Uses AI-driven and automated analysis to accelerate detection, triage, and remediation of security findings across the SDLC.
Results Driven
Defines and tracks measurable SDLC security metrics, reporting maturity, coverage, and outcomes over time.
Delivers phased outcomes, from quick-win controls to long-term application security maturity plans.
Partners with teams to ensure security improvements translate into real risk reduction, not just tooling adoption.
Innovative
Evolves DevSecOps practices by evaluating and adopting modern application and supply-chain security techniques.
Improves existing tooling and workflows based on data, feedback, and emerging threats.
Translates technical insights into practical improvements that scale across business units
Requirements
Bachelor’s degree in Computer Science, Software Engineering, or related field preferred
7+ years of experience in DevOps or Application Security with hands-on CI/CD expertise
Strong experience with Azure DevOps, AppSec tooling, IaC, and container security
Ability to operate autonomously, influence without authority, and deliver results in ambiguity
We are seeking a highly skilled and results-oriented DevSecOps Lead to strengthen application security across a SaaS platform. This is a senior individual contributor role responsible for owning the design, implementation, and ongoing maturity of a DevSecOps program across engineering teams and business units.
In this role, you will embed security early and consistently into the software development lifecycle by integrating automated security controls directly into CI/CD pipelines. You will define and enforce secure coding standards, remediation SLAs, and guardrails that balance strong risk reduction with efficient delivery. Acting as a trusted technical authority, you will partner closely with Engineering, Cloud Infrastructure, Security, and Architecture teams to align tooling, workflows, and standards across a complex, distributed environment.
The DevSecOps Lead operates with a high degree of autonomy and accountability, owning outcomes rather than tasks. You will measure and report on SDLC security posture, maturity, and progress, translating technical findings into clear insights for security leadership and executive stakeholders. While this role does not have people management responsibility, it carries significant influence and enterprise impact through standards ownership, cross-functional coordination, and technical leadership.
Success Profile:
This role is anchored in our company’s core competencies—These competencies reflect the mindsets and behaviors that define success in this role. We outline how each competency translates into real-world actions and outcomes specific to this role.
Ownership
Owns the design, implementation, and ongoing operation of a DevSecOps program, embedding security controls directly into CI/CD pipelines.
Defines secure coding standards, remediation SLAs, and enforcement gates, ensuring consistent adoption across engineering teams.
Serves as the accountable owner for SDLC security posture, coordinating with engineering, cloud, and security stakeholders to resolve risk.
Communicates security posture, risks, and progress clearly to the CISO and executive leadership.
Drives Efficiency
Integrates automated SAST, DAST, SCA, IaC, container, and secrets scanning into development workflows to reduce manual effort and friction.
Designs and maintains scalable “golden path” pipelines with standardized guardrails, enabling teams to ship securely by default.
Establishes policy-as-code, admission controls, and branch protections to ensure repeatable, low-touch enforcement.
Uses AI-driven and automated analysis to accelerate detection, triage, and remediation of security findings across the SDLC.
Results Driven
Defines and tracks measurable SDLC security metrics, reporting maturity, coverage, and outcomes over time.
Delivers phased outcomes, from quick-win controls to long-term application security maturity plans.
Partners with teams to ensure security improvements translate into real risk reduction, not just tooling adoption.
Innovative
Evolves DevSecOps practices by evaluating and adopting modern application and supply-chain security techniques.
Improves existing tooling and workflows based on data, feedback, and emerging threats.
Translates technical insights into practical improvements that scale across business units
Requirements
Bachelor’s degree in Computer Science, Software Engineering, or related field preferred
7+ years of experience in DevOps or Application Security with hands-on CI/CD expertise
Strong experience with Azure DevOps, AppSec tooling, IaC, and container security
Ability to operate autonomously, influence without authority, and deliver results in ambiguity
Application Stats
Total Applications: 0
Posted: Jan 22, 2026