DevSecOps Capability Manager
Job Description
DevSecOps Capability ManagerLocation: Skipton (Hybrid)Salary: Competitive + Excellent BenefitsAre you passionate about driving secure, high-performing software delivery at scale? This is a fantastic opportunity to lead and evolve a DevSecOps capability within a forward-thinking organisation, enabling fast, safe, and compliant delivery across multiple engineering teams.The RoleAs the DevSecOps Capability Manager, youll lead and scale DevSecOps practices across the organisation, embedding secure-by-design principles, modern automation, and policy-as-code into the CI/CD ecosystem.Youll play a pivotal role in improving engineering performance, focusing on DORA metrics such as lead time, deployment frequency, and reliability. This role blends technical leadership, strategy, governance, and hands-on capability development.What Youll DoValue, Flow & QualityOwn and improve lead time and deployment frequency across platformsPublish and act on DORA and flow metricsRemove bottlenecks through automation and policy-as-codeImplement modern deployment strategies (canary, blue/green, auto rollback)Drive performance improvements via engineering scorecardsLeadership & Capability DevelopmentLead, coach, and develop a team of DevSecOps EngineersDefine standards, patterns, and best practicesFoster a culture of security, automation, and continuous improvementStrategy, Governance & Technical DirectionSet DevSecOps strategy across pipelines and security automationEstablish governance for CI/CD, IaC, and cloud deliveryDefine observability standards (SLOs, tracing, dashboards)Embed security into pipelines (SAST, SCA, DAST, secrets, IaC scanning)Govern "Golden Path" templates and adoptionOperational Oversight & Risk ManagementOversee reliability, performance, and security of platforms and pipelinesLead vulnerability management and remediationSupport incident response and post-incident reviewsIntegrate telemetry across Azure ecosystem (Defender, Entra, WAF)Collaboration Across TechnologyAct as a senior advisor to engineering, product, and security teamsAlign stakeholders on delivery and security best practiceRepresent DevSecOps in governance forumsTooling, Automation & OptimisationOwn DevSecOps tooling strategy and lifecycleDrive automation across testing, security, deployment, and monitoringPartner with Cloud and Platform teamsOwn and evolve the Golden Path service catalogueBusiness Continuity & ResilienceEmbed resilience and BCP via policy-as-codeEnsure audit-ready pipeline outputsRun recovery and resilience testing (game days)What Were Looking ForStrong leadership and people management experienceDeep expertise in CI/CD, DevSecOps, and security integrationStrong cloud, containerisation, and IaC knowledgeProven ability to improve DORA and engineering performance metricsExperience with observability and monitoring frameworksStrong background in security tooling (SAST, SCA, DAST, scanning tools)Solid understanding of cloud security, IAM, and zero-trust principlesExperience working in complex or regulated environmentsExcellent communication and stakeholder management skillsWhats In It for YouImpact: Lead a critical DevSecOps capability in a large-scale organisationFlexibility: Hybrid and flexible working optionsCareer Growth: Ongoing learning, development, and leadership exposureBenefits Package: Annual discretionary bonus25 days holiday + bank holidays + holiday tradingUp to 10% matched pensionPrivate medical insuranceElectric car salary sacrifice schemeColleague mortgage benefits3 paid volunteering daysGym discounts & wellbeing supportInclusive employee networksApply today or reach out directly to Charlie Smith for a confidential chat.TPBN1_UKTJ