We are seeking an experienced and hands-on DevSecOps Technical Lead to drive the strategy, design, and implementation of scalable DevOps practices across Cambridge Technology (CT). This role will lead CI/CD initiatives, infrastructure automation, and cloud operations while also serving as the subject matter expert for Salesforce DevOps, ensuring streamlined release management and governance within CT’s Salesforce ecosystem.
The ideal candidate is both technically strong and a people leader, capable of mentoring engineers, collaborating with cross-functional teams, and aligning DevSecOps strategy with business objectives.
Security Leadership & Strategy
- Lead threat modeling workshops with Engineering and Architecture teams to identify, prioritize, and remediate risks early.
- Collaborate with the CISO and Security team to align DevSecOps practices with enterprise risk frameworks (NIST CSF, ISO 27001, SOC 2).
Secure CI/CD and Automation
- Embed automated security gates throughout pipelines: SAST, DAST, SCA (Software Composition Analysis), and container image scanning.
- Enforce secrets management policies using HashiCorp Vault, AWS Secrets Manager, or Azure Key Vault — eliminating hardcoded credentials from codebases.
Cloud Security & Infrastructure
- Implement and maintain Cloud Security Posture Management (CSPM) tooling to continuously monitor misconfigurations and compliance drift.
- Enforce least-privilege IAM policies and identity federation across cloud environments.
- Implement runtime security and anomaly detection for containerized workloads (Falco, Aqua Security, Twistlock).
Salesforce DevSecOps
- Enforce code quality and security scanning on Salesforce metadata and Apex deployments using PMD, CodeScan, or Checkmarx.
- Manage access controls, org security settings, and permissions governance across Salesforce environments (Dev, QA, Staging, Prod).
Security Observability & Incident Response
- Implement comprehensive observability solutions covering logging, monitoring, alerting, and distributed tracing with a security lens.
- Integrate SIEM tooling (Splunk, Datadog Security, AWS Security Hub) into the broader observability stack.
- Define and own security incident response runbooks for infrastructure and platform-level events.
- Establish vulnerability management workflows — from discovery through remediation SLAs and stakeholder reporting.
- Conduct regular security audits, penetration testing coordination, and remediation tracking.
- Maintain compliance dashboards and evidence packages for audits (SOC 2, PCI-DSS, HIPAA, etc.) where applicable.
Technical Skills
- Security Scanning: Checkmarx, Veracode, Snyk, SonarQube, Trivy, Grype, Checkov, tfsec
- Secrets Management: HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, CyberArk
- CI/CD Platforms: Jenkins, GitHub Actions, GitLab CI, Azure DevOps, CircleCI
- Cloud Security: AWS GuardDuty / Security Hub, Azure Defender, GCP Security Command Center
- Container Security: Docker, Kubernetes, Falco, Aqua Security, Twistlock
- IaC & Config Mgmt: Terraform, CloudFormation, Ansible, Pulumi, Helm
- Salesforce DevOps: Copado, Gearset, AutoRABIT, Salesforce DX (SFDX), CodeScan, PMD
- Observability / SIEM: Datadog, Splunk, ELK Stack, Prometheus, Grafana, AWS Security Hub
Preferred Qualifications
- Salesforce certifications (e.g., Salesforce Platform Developer, DevOps-related credentials).
- Cloud certifications (AWS Certified DevOps Engineer, Azure DevOps Engineer, etc.).
- Experience with microservices architecture.
- Experience implementing DevSecOps practices.
Required Qualifications
- 8+ years of experience in DevSecOps or Infrastructure Engineering.
- 3+ years of experience leading technical teams or serving as a technical lead.