WRK DIGITAL LTD

DevSecOps Capability Manager Location: Skipton (Hybrid) Salary: Competitive + Excellent Benefits Are you passionate about driving secure, high-performing software delivery at scale? This is a fantastic opportunity to lead and evolve a DevSecOps capability within a forward-thinking organisation, enabling fast, safe, and compliant delivery across multiple engineering teams. The Role As the DevSecOps Capability Manager, youll lead and scale DevSecOps practices across the organisation, embedding secure-by-design principles, modern automation, and policy-as-code into the CI/CD ecosystem. Youll play a pivotal role in improving engineering performance, focusing on DORA metrics such as lead time, deployment frequency, and reliability. This role blends technical leadership, strategy, governance, and hands-on capability development. What Youll Do Value, Flow & Quality Own and improve lead time and deployment frequency across platforms Publish and act on DORA and flow metrics Remove bottlenecks through automation and policy-as-code Implement modern deployment strategies (canary, blue/green, auto rollback) Drive performance improvements via engineering scorecards Leadership & Capability Development Lead, coach, and develop a team of DevSecOps Engineers Define standards, patterns, and best practices Foster a culture of security, automation, and continuous improvement Strategy, Governance & Technical Direction Set DevSecOps strategy across pipelines and security automation Establish governance for CI/CD, IaC, and cloud delivery Define observability standards (SLOs, tracing, dashboards) Embed security into pipelines (SAST, SCA, DAST, secrets, IaC scanning) Govern "Golden Path" templates and adoption Operational Oversight & Risk Management Oversee reliability, performance, and security of platforms and pipelines Lead vulnerability management and remediation Support incident response and post-incident reviews Integrate telemetry across Azure ecosystem (Defender, Entra, WAF) Collaboration Across Technology Act as a senior advisor to engineering, product, and security teams Align stakeholders on delivery and security best practice Represent DevSecOps in governance forums Tooling, Automation & Optimisation Own DevSecOps tooling strategy and lifecycle Drive automation across testing, security, deployment, and monitoring Partner with Cloud and Platform teams Own and evolve the Golden Path service catalogue Business Continuity & Resilience Embed resilience and BCP via policy-as-code Ensure audit-ready pipeline outputs Run recovery and resilience testing (game days) What Were Looking For Strong leadership and people management experience Deep expertise in CI/CD, DevSecOps, and security integration Strong cloud, containerisation, and IaC knowledge Proven ability to improve DORA and engineering performance metrics Experience with observability and monitoring frameworks Strong background in security tooling (SAST, SCA, DAST, scanning tools) Solid understanding of cloud security, IAM, and zero-trust principles Experience working in complex or regulated environments Excellent communication and stakeholder management skills Whats In It for You Impact: Lead a critical DevSecOps capability in a large-scale organisation Flexibility: Hybrid and flexible working options Career Growth: Ongoing learning, development, and leadership exposure Benefits Package: Annual discretionary bonus 25 days holiday + bank holidays + holiday trading Up to 10% matched pension Private medical insurance Electric car salary sacrifice scheme Colleague mortgage benefits 3 paid volunteering days Gym discounts & wellbeing support Inclusive employee networks Apply today or reach out directly to Charlie Smith for a confidential chat. JBRP1_UKTJ