Lead and develop a small team responsible for SDLC security tooling, automation, and developer-facing security guardrails.
Define team priorities, roles, execution plans, and resource needs in alignment with Platform Engineering & DevSecOps objectives.
Lead the implementation and continuous improvement of SDLC security tooling, including scanning, secrets management, policy-as-code, and automated guardrails.
Manage vulnerability management workflows and help define secure release criteria in partnership with Security, QE, Release Management, and engineering teams.
Integrate security automation into CI/CD pipelines and developer paved roads to make secure practices easier for engineering teams to adopt.
Partner with DevSecOps, Developer Experience, QE, Release Management, and engineering teams to drive secure-by-default practices.

Typically, a minimum of 1-2 years of experience formally or informally leading people, projects, and/or programs.
Bachelor’s or Master’s degree or equivalent plus directly relevant experience.
Strong background in application security, cloud security, secure SDLC, DevSecOps, or CI/CD security automation supporting software product development.
Experience leading or coordinating engineers, technical programs, security tooling initiatives, or cross-functional implementation efforts.
Hands-on experience with secure SDLC tooling such as SAST, SCA, DAST, secrets detection, container/cloud scanning, vulnerability management, or policy-as-code.
Experience integrating security controls into CI/CD pipelines, developer workflows, and platform engineering environments.
Experience with threat modeling, vulnerability management, secure release criteria, and developer-facing security guardrails.
Strong communication and cross-functional leadership skills, with the ability to partner across DevSecOps, Security, QE, Release Management, and software engineering teams.

Lead, SDLC Security Engineering

Key skills