Senior Manager Platform SDLC Engineer (DevSecOps)

TL;DR

Senior Manager Platform SDLC Engineer (DevSecOps): Leading the design, implementation, and enforcement of Secure Software Development Lifecycle (SSDLC) frameworks for a major banking client with an accent on the integration of security controls into automated CI/CD pipelines. Focus on automating security testing tools, remediating vulnerabilities, and fostering a Shift-Left security culture.

Location: On-site in Abu Dhabi or Dubai, United Arab Emirates

Company

A specialist AI and data consultancy dedicated to transforming corporate landscapes through bespoke intelligent systems, with deep expertise in financial services and banking.

What you will do

• Define, deploy, and standardize secure development frameworks and guardrails across all software and data platform workstreams.
• Integrate automated security testing tools (SAST, DAST, SCA, and container scanning) directly into enterprise CI/CD pipelines.
• Oversee the identification, triaging, and remediation of code-level and infrastructure vulnerabilities prior to production.
• Validate that all software releases meet internal security baselines, regulatory compliance, and automated governance gates.
• Provide technical guidance to platform and DevOps engineers to foster a Shift-Left security responsibility culture.
• Report pipeline security metrics, compliance health, and systemic risks to senior technical and risk leadership.

Requirements

• Minimum of 6 years in DevOps, cloud engineering, or software development, with at least 3 years in a specialized DevSecOps or Application Security role.
• Documented experience implementing secure delivery pipelines within highly regulated banking or financial services institutions.
• Hands-on experience securing and auditing IaC templates (Terraform, CloudFormation) and containerized workloads (Kubernetes, Docker).
• Deep knowledge of security-by-design principles and industry-standard SSDLC frameworks such as OWASP SAMM, NIST SSDF, or BSIMM.
• Proficiency in configuring enterprise orchestration tools including GitHub Actions, GitLab CI, Jenkins, or Azure DevOps.
• Prior experience in a client-facing consultancy capacity, managing delivery timelines and stakeholder expectations.

Nice to have

• Certifications such as CSSLP, AWS/Azure Security Specialties, or DevSecOps designations.
• Familiarity with securing data engineering pipelines and emerging MLOps security practices.
• Experience conducting structured architectural threat modeling sessions (e.g., using STRIDE).

Culture & Benefits

• Competitive salary and comprehensive personal health insurance.
• Visa sponsorship provided for the successful candidate.
• Professional development and certification support, including subscription reimbursements.
• Opportunity to work on cutting-edge AI projects within a rapidly growing company.
• Monthly Employee Incentive program and clear career advancement opportunities.