DevSecOps Tech Lead

DevSecOps Tech Lead CIBR Warriors

LLC - 5.0

Plano, TX Job Details Full-time $100,000 - $180,000 a year 3 days ago Benefits Health savings account Health insurance Dental insurance 401(k) Flexible spending account Paid time off Employee assistance program Vision insurance 401(k) matching Employee discount Professional development assistance Flexible schedule Life insurance Retirement plan Qualifications CI/CD Authentication Version control DevSecOps Practices Continuous Delivery (CD) implementation Software deployment Scalable systems Risk mitigation strategy implementation Information security compliance Team development Technical solutions implementation Analysis skills Bachelor's degree Containerization Team management Cloud development NIST standards Security policy implementation

OWASP ZAP

Mentoring Software development Scalability Vulnerability management Senior level Application security testing Cross-functional collaboration API security Cloud services Cross-functional communication SDLC Full Job Description DevSecOps Tech LeadLocation(s) Multiple U.S. locations (e.g., Malvern, PA; Charlotte, NC; Dallas, TX)

Work Model:

Hybrid Overview The DevSecOps team is responsible for the solutions and processes that secure enterprise applications and operations. As a DevSecOps Tech Lead, you will play a key role in ensuring the security and compliance of the software development lifecycle (SDLC). This role involves contributing to strategy, implementing new technologies, maintaining technical controls, assessing vulnerabilities, and collaborating with development teams to establish effective guardrails that enable continuous and secure application delivery. Core Responsibilities Lead the design and execution of enterprise-wide Software Composition Analysis (SCA) and software supply chain security strategy across applications and platforms. Own end-to-end open-source risk management, including vulnerability detection, prioritization, and remediation of third-party dependencies. Define and enforce security policies aligned with industry standards such as OWASP and NIST Secure Software Development Framework (SSDF). Integrate SCA tooling into CI/CD pipelines and developer workflows to enable automated, shift-left security practices. Drive implementation and adoption of Software Bill of Materials (SBOM) standards (e.g., Cyclone

DX, SPDX

) to achieve full dependency visibility. Secure the software supply chain by implementing controls for artifact integrity, provenance, and signed builds, aligned with frameworks such as SLSA. Lead response and mitigation efforts for critical supply chain vulnerabilities (e.g., zero-day risks), ensuring rapid impact assessment and remediation. Establish governance over artifact repositories and package registries, including version control, trusted sources, and secure publishing practices. Define and track key security metrics (e.g., vulnerability MTTR, coverage, policy compliance) and communicate insights to senior leadership. Mentor and guide security engineers while partnering with engineering, DevOps, and product teams to deliver scalable, developer-friendly security solutions. Qualifications Bachelor's degree in a related field or equivalent practical experience. Hands-on experience deploying and operating SCA and SAST tools, including onboarding, authentication setup, and CI/CD integration. Experience with additional application security tools (e.g., secret scanning, IAST, DAST). Strong understanding of modern application development and delivery ecosystems (IDEs, repositories, CI/CD, cloud platforms, containers, serverless). Working knowledge of industry frameworks such as NIST, OWASP, and MITRE. Relevant certifications in AppSec, DevSecOps, cloud, or software development are a plus.

Additional Information Sponsorship:

Visa sponsorship is not available for this role. Work Environment This organization operates a hybrid work model designed to balance flexibility with in-person collaboration. The environment emphasizes continuous learning, cross-functional teamwork, and building secure, scalable systems that support long-term business objectives.

Pay:

$100,000.00 - $180,000.00 per year

Benefits:

401(k) 401(k) matching Dental insurance Employee assistance program Employee discount Flexible schedule Flexible spending account Health insurance Health savings account Life insurance Paid time off Professional development assistance Retirement plan Vision insurance

Experience:

DevSecOps:

5 years (Required)

SDLC:

5 years (Required)

Software Composition Analysis:

3 years (Required)

SCA/SAST

tools: 3 years (Required) Working knowledge of NIST, OWASP, and MITRE frameworks: 3 years (Required)

License/Certification:

AppSec, DevSecOps, cloud, or development certifications (Preferred)

Work Location:

Hybrid remote in Plano, TX 75024