DevSecOps Capability Manager
Job Description
DevSecOps Capability Manager
\n
Location: Skipton (Hybrid)
\n
Salary: Competitive + Excellent Benefits
\n
\n
Are you passionate about driving secure, high-performing software delivery at scale? This is a fantastic opportunity to lead and evolve a DevSecOps capability within a forward-thinking organisation, enabling fast, safe, and compliant delivery across multiple engineering teams.
\n
\n
The Role
\n
As the DevSecOps Capability Manager, youll lead and scale DevSecOps practices across the organisation, embedding secure-by-design principles, modern automation, and policy-as-code into the CI/CD ecosystem.
\n
Youll play a pivotal role in improving engineering performance, focusing on DORA metrics such as lead time, deployment frequency, and reliability. This role blends technical leadership, strategy, governance, and hands-on capability development.
\n
\n
What Youll Do
\n
Value, Flow & Quality
\n
- \n
- Own and improve lead time and deployment frequency across platforms
- Publish and act on DORA and flow metrics
- Remove bottlenecks through automation and policy-as-code
- Implement modern deployment strategies (canary, blue/green, auto rollback)
- Drive performance improvements via engineering scorecards
\n
\n
\n
\n
\n\n
Leadership & Capability Development
\n
- \n
- Lead, coach, and develop a team of DevSecOps Engineers
- Define standards, patterns, and best practices
- Foster a culture of security, automation, and continuous improvement
\n
\n
\n\n
Strategy, Governance & Technical Direction
\n
- \n
- Set DevSecOps strategy across pipelines and security automation
- Establish governance for CI/CD, IaC, and cloud delivery
- Define observability standards (SLOs, tracing, dashboards)
- Embed security into pipelines (SAST, SCA, DAST, secrets, IaC scanning)
- Govern \"Golden Path\" templates and adoption
\n
\n
\n
\n
\n\n
Operational Oversight & Risk Management
\n
- \n
- Oversee reliability, performance, and security of platforms and pipelines
- Lead vulnerability management and remediation
- Support incident response and post-incident reviews
- Integrate telemetry across Azure ecosystem (Defender, Entra, WAF)
\n
\n
\n
\n\n
Collaboration Across Technology
\n
- \n
- Act as a senior advisor to engineering, product, and security teams
- Align stakeholders on delivery and security best practice
- Represent DevSecOps in governance forums
\n
\n
\n\n
Tooling, Automation & Optimisation
\n
- \n
- Own DevSecOps tooling strategy and lifecycle
- Drive automation across testing, security, deployment, and monitoring
- Partner with Cloud and Platform teams
- Own and evolve the Golden Path service catalogue
\n
\n
\n
\n\n
Business Continuity & Resilience
\n
- \n
- Embed resilience and BCP via policy-as-code
- Ensure audit-ready pipeline outputs
- Run recovery and resilience testing (game days)
\n
\n
\n\n
\n
What Were Looking For
\n
- \n
- Strong leadership and people management experience
- Deep expertise in CI/CD, DevSecOps, and security integration
- Strong cloud, containerisation, and IaC knowledge
- Proven ability to improve DORA and engineering performance metrics
- Experience with observability and monitoring frameworks
- Strong background in security tooling (SAST, SCA, DAST, scanning tools)
- Solid understanding of cloud security, IAM, and zero-trust principles
- Experience working in complex or regulated environments
- Excellent communication and stakeholder management skills
\n
\n
\n
\n
\n
\n
\n
\n
\n\n
\n
Whats In It for You
\n
- \n
- Impact: Lead a critical DevSecOps capability in a large-scale organisation
- Flexibility: Hybrid and flexible working options
- Career Growth: Ongoing learning, development, and leadership exposure
- Benefits Package: Annual discretionary bonus
- 25 days holiday + bank holidays + holiday trading
- Up to 10% matched pension
- Private medical insurance
- Electric car salary sacrifice scheme
- Colleague mortgage benefits
- 3 paid volunteering days
- Gym discounts & wellbeing support
- Inclusive employee networks
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n\n
\n
Apply today or reach out directly to Charlie Smith for a confidential chat.
\n \n
JBRP1_UKTJ