A DevSecOps & SRE Architect leads the design, implementation, and governance of secure, resilient, and automated enterprise platforms. This role bridges the gap between development, security, and operations, embedding security as a key stakeholder in every phase of the software lifecycle while ensuring high availability, observability, and reliability of production systems
Key Responsibilities
- Design and implement end-to-end DevSecOps pipelines that embed shift-left security practices (SAST, DAST, SCA, IAST) into CI/CD workflows.
- Define and enforce Policy-as-Code and security guardrails across cloud infrastructure using tools like OPA, or Azure Policy.
- Architect Infrastructure as Code (IaC) frameworks (Terraform, Ansible, Bicep) to provision and govern cloud environments securely.
- Build and maintain secure software supply chain practices including SBOM management, artifact signing, and dependency scanning.
- Conduct DevSecOps maturity assessments and develop organizational roadmaps for security automation adoption.
- Establish and enforce Zero Trust Architecture principles across network, identity, and workload layers.
- Integrate secrets management, certificate lifecycle management, and vault solutions (e.g., HashiCorp Vault, Azure Key Vault).
- Collaborate with AppSec and compliance teams to meet standards such as ISO 27001, NIST 800-53, SOC 2, and CIS Benchmarks.
- Define and own the organization's SRE strategy, roadmap, and operating model, including SLI/SLO/SLA frameworks and error budget policies.
- Design and implement observability architectures using APM tools, distributed tracing, log aggregation, and real-time alerting (e.g., Prometheus, Grafana, Datadog, Azure Monitor).
- Lead incident management, RCA/post-mortem processes, and drive systemic improvements to reduce MTTR and recurrence.
- Champion chaos engineering and resilience testing practices to proactively identify failure modes before they impact production.
- Establish toil reduction programs through automation, enabling SRE teams to focus on reliability engineering over manual operations.
- Design high-availability, fault-tolerant architectures for distributed systems and microservices on cloud platforms.
- Drive capacity planning, performance engineering, and scalability reviews across critical services.
- Build Internal Developer Platforms (IDPs) and self-service tooling to accelerate developer productivity while maintaining security and compliance guardrails.
- Establish GitOps workflows for continuous delivery and configuration management at scale.
- Oversee container orchestration strategy using Kubernetes (EKS, AKS, Rancher) and define standards for workload security, networking, and observability.
- Guide, mentor, and upskill cross-functional DevSecOps and SRE teams, fostering a culture of reliability, security, and continuous improvement.
- Facilitate development operations and identify gaps, setbacks, and shortcomings across processes.
- Collaborate with product, engineering, and business stakeholders to align platform strategy with organizational goals.
- Define and track KPIs and engineering metrics (deployment frequency, change failure rate, DORA metrics, mean time to detect).
- Deliver internal training, conduct architecture reviews, and represent the platform function in senior leadership forums.
Requirements
- Bachelor's or Master's degree in Computer Science, Information Systems, or a related field.
- 5-10 years of total industry experience, with 3+ years in a DevSecOps or SRE Lead role.
- Proven track record of leading large-scale cloud-native transformation programs.
- Certification of Cloud Platform and Infrastructure (AWS/Azure)
- Certification of DevOps tools.
- Strong analytical, problem-solving, and communication skills
- Ability to lead geographically distributed and cross-functional teams
Qualifications & Skills
Technical Skills
- Cloud, Virtualization, and Infrastructure
- Microsoft Azure, AWS, GCP, VMware, and cloud services
- Windows Server and Linux Server administration
- RedHat, CentOS, and Ubuntu environments
- System sizing, software installation, maintenance, and upgrades
- Azure / VMware backup, restore, and disaster recovery tools
- DevOps, CI/CD, and Automation
- DevOps pipelines and CI/CD practices
- Bamboo, Octopus, Jenkins, Flux, and SonarQube
- Terraform, PowerShell, Azure CLI, Shell, and Perl scripting
- Software development and deployment automation
- Power BI
- Containers and Kubernetes
- Kubernetes cluster installation, configuration, and management
- Docker containerization
- Containerized application deployment and operations
- KEDA, Scale Set Operations, ISTIO
- Networking and Directory Services
- TCP/IP, DNS, and load balancing
- NGINX, HAProxy
- Active Directory, DNS configuration, Group Policy Objects, and OU structure
- API, Architecture, and Reliability
- Swagger and Postman
- Mission-critical system architecture
- High availability design
- Performance monitoring
- Reliable infrastructure operations
Core SRE Competencies
- Deep expertise in secure SDLC and threat modelling
- Experience designing SLO frameworks and error budget management
- Strong knowledge of compliance frameworks: NIST, ISO 27001, SOC 2, CIS, FIPS
- Experience with Agile and SAFe methodologies
Preferred / Good to Have
- Certifications: CISSP, CISM, CKA, AWS/Azure Security Specialist, Google SRE
- Experience with AI/ML-driven DevOps automation and AIOps platforms
- Knowledge of FinOps and cloud cost optimization strategies
- Familiarity with Platform Engineering and Internal Developer Portals (Backstage)
- Six Sigma or ITIL certification for process excellence