Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
YipitData

DevSecOps Lead

YipitData

DevSecOps Lead managing secure software development lifecycle at YipitData. Collaborating across departments to strengthen security practices within engineering operations.

Posted 6/18/2026full-timeRemote • New York • 🇺🇸 United StatesSenior💰 $250,000 per yearWebsite

Tech Stack

Tools & technologies
CloudJenkinsSDLC

About the role

Key responsibilities & impact
  • Own the roadmap for secure SDLC controls and partner with Engineering and Product to roll out standards that are practical, scalable, and auditable.
  • Develop and maintain secure development policies, implementation standards, and guidance for engineering teams.
  • Drive adoption of key controls across repositories and pipelines, including branch protection, pull request requirements, code review, secrets scanning, dependency scanning, infrastructure-as-code scanning, and container image scanning.
  • Partner with Engineering and Product teams to integrate security guardrails into CI/CD workflows and developer tooling.
  • Support vulnerability management operations, including intake, triage, remediation tracking, verification, and reporting.
  • Build reference implementations, templates, and onboarding guidance to help teams adopt secure patterns consistently.
  • Define and report on metrics such as control coverage, vulnerability aging, SLA performance, and remediation progress.
  • Prepare audit-ready documentation and evidence that demonstrates controls are implemented and operating effectively.
  • Evaluate and prioritize future enhancements such as SAST, DAST, SBOM generation, image signing, and broader software supply chain security improvements.

Requirements

What you’ll need
  • 6+ years of experience in DevSecOps, security engineering, application security, cloud security, or DevOps
  • Experience building or improving Secure SDLC, CI/CD security, or vulnerability management programs in modern engineering environments
  • Understand Git-based workflows, CI/CD systems, cloud-native development, containers, and repository security controls
  • Have implemented or governed controls such as branch protection, code review, secrets scanning, SAST, SCA, infrastructure-as-code scanning, or container scanning
  • Can translate security requirements into clear standards and practical implementation plans that work for engineering teams
  • Are comfortable influencing stakeholders across Security, Engineering, and leadership
  • Have experience with GitHub Enterprise, GitHub Actions, Jenkins, or similar platforms, preferred
  • Have experience supporting SOC 2, audit readiness, or customer assurance efforts, preferred
  • Are familiar with software supply chain security concepts such as SBOMs, image signing, and artifact integrity, preferred.

Benefits

Comp & perks
  • Flexible work hours
  • Flexible vacation
  • Generous 401K match
  • Parental leave
  • Team events
  • Wellness budget
  • Learning reimbursement

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
DevSecOpssecurity engineeringapplication securitycloud securityvulnerability managementSecure SDLCCI/CD securitySASTSCAinfrastructure-as-code scanning
Soft Skills
influencing stakeholderscommunicationcollaborationproblem-solvingdocumentation
Certifications
SOC 2