Devsecops Lead

3 weeks ago

Perth, Australia Hudson Australia Full time

**Opportunity**:
**Responsibilities**:

- Lead and collaborate across stakeholder groups to define and agree a roadmap for incremental transition toward a target state for DevSecOps
- Define and help establish DevSecOps practices and operating model throughout the SDCL and integrated into Agile ways of working.
- Help build and mature the cloud native platforms to embed security throughout the stack, automated where possible, leveraging infrastructure as code to enable easy and continuous deployment.
- Establishing practices and skills within the squads by facilitating and coaching of threat modelling, security requirements and risk management.
- Education & guidance through coding standards, coaching on peer reviews and provision of ongoing secure coding training.
- Driving continuous improvement and uplift in maturity of practices, tooling and people skills as you take the organisation on the journey to incrementally improve.
- Ensuring processes, practices, tooling is embedded and supported by the squads and engineering teams, with clear responsibilities.
- Providing governance assurance by building in clear metrics and reporting which can demonstrate progress and performance of the DevSecOps practices and maturity.
- Working with Technical Product Owners and Architecture to be secure by design and establish repeatable patterns.
- Supporting and collaborating with your Security Operations and Engineering colleagues to drive broader adoption of good security practices aligned to our strategy and standards, with solutions integrated with our security controls and services.
- Educate and empower colleagues to take responsibility for security by utilizing the DevSecOps practices and tools that you will contribute to creating.

**Other skills**:

- Engineering experience, ability to work autonomously and can take initiative.
- Experienced in coaching and influencing, with the ability to foster collaboration and buy-in from developers and other stakeholders.
- Balanced delivery focus. Willing to adapt, to take pragmatic approaches, achieving goals while maintaining the required integrity of our security posture.
- Experienced at documenting and presenting findings, technology options, decisions and designs.
- Experience with governance, reporting and building in measurability and assurance within processes and tooling to help show value and track control performance.
- Strong understanding of Risk Management