Sr. DevSecOps Architect

Vidoori is a digital transformation leader recognized for delivering excellence in cloud and software solutions. As we scale our secure engineering capabilities, we are seeking an experienced Sr. DevSecOps Architect to join our team. This role offers the opportunity to define secure cloud-native architectures, embed security across the development lifecycle, and influence technical strategy in a collaborative, inclusive environment that values continuous learning and innovation.

Role Overview – Sr. DevSecOps Architect

Reporting to senior technical leadership, the Sr. DevSecOps Architect will design, implement, and evangelize secure, automated DevOps practices across cloud platforms and software delivery pipelines. The role combines hands-on engineering, architectural leadership, governance, and cross-functional collaboration to reduce risk, accelerate delivery, and ensure compliance with security standards. You will partner with engineering, platform, and security teams to shape secure-by-design solutions and mentor colleagues on modern DevSecOps approaches.

Key Responsibilities – Secure Architecture, CI/CD, and Platform Engineering

• Define and document secure cloud and application architectures that meet business requirements and regulatory obligations (e.g., FedRAMP, NIST, DISA STIGs as applicable).
• Lead the design and implementation of automated CI/CD pipelines with integrated security controls (SAST, DAST, SCA, secret detection), infrastructure as code (IaC) scanning, and automated compliance checks.
• Architect and operate secure, scalable container and orchestration platforms (Kubernetes/OpenShift) and associated platform services (service mesh, ingress, observability, policy enforcement).
• Collaborate with developers to integrate secure coding practices, threat modelling, and runtime protection into the SDLC.
• Design and maintain automated monitoring, alerting, and incident response playbooks to detect and respond to security events across cloud and application layers.
• Develop IaC (Terraform, CloudFormation) patterns and reusable modules that enforce security guardrails and reduce configuration drift.
• Provide technical leadership on identity and access management, zero trust principles, secrets management, and key management solutions.
• Assess third-party and open-source components for security risk and define mitigation strategies for supply chain vulnerabilities.
• Partner with compliance, legal, and risk teams to support audits, evidence collection, and remediation efforts.
• Mentor and coach engineers and platform teams on DevSecOps best practices, tooling, and secure architecture patterns.

Essential Skills and Experience – DevSecOps, Cloud, and Security Engineering

• Bachelor’s degree in Computer Science, Cyber Security, or a related discipline, or equivalent practical experience.
• Proven track record (typically 10+ years) in cloud architecture, platform engineering, or security engineering roles, with demonstrable experience in DevSecOps practices.
• Strong experience with major cloud providers (AWS, Azure, or GCP) and native security controls and services.
• Hands-on expertise with CI/CD tooling (Jenkins, GitLab CI, GitHub Actions, etc.), containerisation (Docker), and orchestration (Kubernetes).
• Practical knowledge of security testing tools and techniques: SAST, DAST, SCA, container image scanning, IaC scanning, and dynamic runtime protection.
• Experience authoring and reviewing IaC (Terraform, CloudFormation) and applying automated policy-as-code (OPA, Sentinel, or similar).
• Strong scripting and automation skills (Python, Go, Bash, or similar) and experience building tooling to operationalise security controls.
• Excellent communication skills with the ability to translate security requirements into practical engineering solutions for diverse audiences.

Desirable Skills – Compliance, Threat Modelling, and Cloud-Native Security

• Relevant certifications such as CISSP, CISM, CCSP, AWS Certified Security – Specialty, or similar are advantageous.
• Experience with regulatory frameworks and assessments (FedRAMP, NIST 800-53, ISO 27001) in enterprise or government environments.
• Familiarity with service mesh, eBPF-based observability, runtime security (Falco, Falco-based policies), and policy engines (OPA/Gatekeeper).
• Background in secure software supply chain practices, SBOM generation, and mitigation of dependency vulnerabilities.
• Experience contributing to architecture reviews, threat modelling workshops, and security-focused design patterns across large programmes.

Benefits and Career Development – Technical Leadership at Vidoori

• Competitive base salary with performance-related bonus and incentives linked to technical and delivery outcomes.
• Flexible working arrangements, including hybrid/remote options to support a healthy work–life balance.
• Supportive and inclusive culture with investment in professional development, training, and mentorship opportunities.
• Opportunity to shape platform strategy, influence security standards, and progress into senior technical leadership roles.
• Work on high-impact secure cloud transformation engagements with public sector and commercial clients.

Application Guidance – Technical Opportunities at Vidoori

• Location: Hybrid – Maryland/Washington DC Area
• Residency: Must be a US Citizen where role requires clearance or federal contracting participation
• Employment Type: Full-time, senior-level

Join Vidoori as a Sr. DevSecOps Architect and help us embed security across the delivery lifecycle, accelerate secure cloud adoption, and deliver resilient solutions for our clients. If you are pragmatic, collaborative, and passionate about secure engineering, we encourage you to apply and contribute to a team dedicated to excellence and inclusive growth.