DevSecOps Capability Manager
Location: Skipton (Hybrid)
Salary: Competitive + Excellent Benefits
Are you passionate about driving secure, high-performing software delivery at scale? This is a fantastic opportunity to lead and evolve a DevSecOps capability within a forward-thinking organisation, enabling fast, safe, and compliant delivery across multiple engineering teams.
The Role
As the DevSecOps Capability Manager, youll lead and scale DevSecOps practices across the organisation, embedding secure-by-design principles, modern automation, and policy-as-code into the CI/CD ecosystem.
Youll play a pivotal role in improving engineering performance, focusing on DORA metrics such as lead time, deployment frequency, and reliability. This role blends technical leadership, strategy, governance, and hands-on capability development.
What Youll Do
Value, Flow & Quality
- Own and improve lead time and deployment frequency across platforms
- Publish and act on DORA and flow metrics
- Remove bottlenecks through automation and policy-as-code
- Implement modern deployment strategies (canary, blue/green, auto rollback)
- Drive performance improvements via engineering scorecards
Leadership & Capability Development
- Lead, coach, and develop a team of DevSecOps Engineers
- Define standards, patterns, and best practices
- Foster a culture of security, automation, and continuous improvement
Strategy, Governance & Technical Direction
- Set DevSecOps strategy across pipelines and security automation
- Establish governance for CI/CD, IaC, and cloud delivery
- Define observability standards (SLOs, tracing, dashboards)
- Embed security into pipelines (SAST, SCA, DAST, secrets, IaC scanning)
- Govern "Golden Path" templates and adoption
Operational Oversight & Risk Management
- Oversee reliability, performance, and security of platforms and pipelines
- Lead vulnerability management and remediation
- Support incident response and post-incident reviews
- Integrate telemetry across Azure ecosystem (Defender, Entra, WAF)
Collaboration Across Technology
- Act as a senior advisor to engineering, product, and security teams
- Align stakeholders on delivery and security best practice
- Represent DevSecOps in governance forums
Tooling, Automation & Optimisation
- Own DevSecOps tooling strategy and lifecycle
- Drive automation across testing, security, deployment, and monitoring
- Partner with Cloud and Platform teams
- Own and evolve the Golden Path service catalogue
Business Continuity & Resilience
- Embed resilience and BCP via policy-as-code
- Ensure audit-ready pipeline outputs
- Run recovery and resilience testing (game days)
What Were Looking For
- Strong leadership and people management experience
- Deep expertise in CI/CD, DevSecOps, and security integration
- Strong cloud, containerisation, and IaC knowledge
- Proven ability to improve DORA and engineering performance metrics
- Experience with observability and monitoring frameworks
- Strong background in security tooling (SAST, SCA, DAST, scanning tools)
- Solid understanding of cloud security, IAM, and zero-trust principles
- Experience working in complex or regulated environments
- Excellent communication and stakeholder management skills
Whats In It for You
- Impact: Lead a critical DevSecOps capability in a large-scale organisation
- Flexibility: Hybrid and flexible working options
- Career Growth: Ongoing learning, development, and leadership exposure
- Benefits Package: Annual discretionary bonus
- 25 days holiday + bank holidays + holiday trading
- Up to 10% matched pension
- Private medical insurance
- Electric car salary sacrifice scheme
- Colleague mortgage benefits
- 3 paid volunteering days
- Gym discounts & wellbeing support
- Inclusive employee networks
Apply today or reach out directly to Charlie Smith for a confidential chat.
JBRP1_UKTJ