Devsecops lead
Posted Today by StoneGate-Technologies LLC
Negotiable
Undetermined
Remote
Remote
Summary: The role of DevSecOps Lead involves architecting and enforcing enterprise-grade Zero Trust architectures and secure software supply chains. The position requires extensive hands-on expertise in cloud-native security orchestration and kernel-level detection engineering across multi-cloud environments. The ideal candidate will have a strong background in Cloud Security, Platform Engineering, and DevSecOps, with a focus on automation and policy enforcement. This is a 12-month remote contract position aimed at experienced professionals with over 10 years in the field.
Key Responsibilities:
- Architect and deploy cryptographic workload identities and multi-cloud enterprise federation frameworks.
- Implement end-to-end pipeline enforcement, artifact provenance, and verifiable build attestations.
- Build custom enterprise governance platforms and develop low-level, kernel-space security detection models.
- Drive policy-as-code automation and secure cloud-native container orchestration platforms at scale.
Key Skills:
- 10+ years in Cloud Security, Platform Engineering, DevSecOps, or Infrastructure Security.
- Deep architectural and hands-on expertise across AWS, Azure, and Google Cloud Platform.
- Strong engineering experience with Kubernetes, containers, and cloud-native ecosystems.
- Mandatory hands-on experience with SPIFFE/SPIRE, In-Toto, Tekton Chains, custom OPA platforms, eBPF, and Zero Trust Architecture.
- Advanced proficiency in Go, Python, Bash, Terraform, and YAML.
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Title:Devsecops lead
Location: Menlo Park, CA (Remote)
Duration: 12-Month Contract
Experience Level: 10+ Years
Position Overview
We are seeking a visionary Senior Cloud Technology Lead to architect and enforce enterprise-grade Zero Trust architectures and secure software supply chains. This role demands deep, hands-on expertise in cloud-native security orchestration, kernel-level detection engineering, and cutting-edge attestation frameworks across multi-cloud environments (AWS, Azure, Google Cloud Platform).
Core Responsibilities
Zero Trust Governance: Architect and deploy cryptographic workload identities and multi-cloud enterprise federation frameworks.
Supply Chain Attestation: Implement end-to-end pipeline enforcement, artifact provenance, and verifiable build attestations.
Policy & Detection Engineering: Build custom enterprise governance platforms and develop low-level, kernel-space security detection models.
Infrastructure as Code: Drive policy-as-code automation and secure cloud-native container orchestration platforms at scale.
Required Qualifications
Experience: 10+ years in Cloud Security, Platform Engineering, DevSecOps, or Infrastructure Security.
Cloud Mastery: Deep architectural and hands-on expertise across AWS, Azure, and Google Cloud Platform platforms.
Container Orchestration: Strong engineering experience with Kubernetes, containers, and cloud-native ecosystems.
Advanced Tooling (Mandatory Hands-On Experience):
Identity: SPIFFE / SPIRE enterprise federation
Supply Chain: In-Toto full pipeline enforcement & Tekton Chains production attestation
Governance: Custom OPA (Open Policy Agent) enterprise platforms
Detection: eBPF kernel-level detection engineering
Frameworks: Deep understanding of Zero Trust Architecture, cryptographic identities, and SLSA compliance.
Automation & Code: Advanced proficiency in Go, Python, Bash, Terraform, and YAML.