DevSecOps Lead

Confirmed live in the last 24 hours

InvoiceCloud

Hyderabad, India

On-site

Posted February 3, 2026

Job Description

About InvoiceCloud:

InvoiceCloud is a fast-growing fintech leader recognized with 20 major awards in 2025, including USA TODAY and Boston Globe Top Workplaces, multiple SaaS Awards wins for Best Solution for Finance and FinTech, and national customer service honors from Stevie and the Business Intelligence Group. Judges also highlighted our mission to reduce digital exclusion and restore simplicity and dignity to how people pay for essential services, as well as our leadership in AI maturity and responsible innovation. It’s an award-winning, purpose-driven environment where top talent thrives. To learn more, visit InvoiceCloud.com.

Job Details

We are seeking a highly skilled and results-oriented DevSecOps Lead to strengthen application security across InvoiceCloud’s SaaS platform. This is a senior individual contributor role responsible for owning the design, implementation, and ongoing maturity of InvoiceCloud’s DevSecOps program across engineering teams and business units.

In this role, you will embed security early and consistently into the software development lifecycle by integrating automated security controls directly into CI/CD pipelines. Acting as a trusted technical authority, you will partner closely with Engineering, Cloud Infrastructure, Security, and Architecture teams to align tooling, workflows, and standards across a complex, distributed environment.

Operating with a high degree of autonomy, this role owns outcomes rather than tasks and carries significant enterprise impact through standards ownership, cross-functional coordination, and technical leadership.

Success Profile

At InvoiceCloud, success is anchored in our core competencies. These competencies guide how every employee delivers impact across their role.

Ownership

Owns the design, implementation, and ongoing operation of InvoiceCloud’s DevSecOps program, embedding security controls directly into CI/CD pipelines.
Defines secure coding standards, remediation SLAs, and enforcement guardrails to ensure consistent adoption across engineering teams.
Serves as the accountable owner for SDLC security posture, coordinating with engineering, cloud, and security stakeholders to resolve risk.
Communicates security posture, risks, and progress clearly to security leadership and executive stakeholders.

Drives Efficiency

Integrates automated SAST, DAST, SCA, IaC, container, and secrets scanning into development workflows to reduce manual effort and friction.
Designs and maintains scalable “golden path” pipelines with standardized guardrails, enabling teams to ship securely by default.
Establishes policy-as-code, admission controls, and branch protections to ensure repeatable, low-touch enforcement across environments.
Applies AI-driven and automated analysis to accelerate detection, triage, and remediation of security findings across the SDLC.

Results Driven

Defines and tracks measurable SDLC security metrics, reporting on maturity, coverage, and risk reduction over time.
Delivers phased outcomes that balance quick-win security improvements with long-term application security maturity.
Partners with engineering teams to ensure security improvements translate into meaningful risk reduction, not just tooling adoption.
Improves visibility into application security posture through consistent reporting and clear success criteria.

Innovative

Evolves DevSecOps practices by evaluating and adopting modern application and software supply chain security techniques.
Continuously improves tooling, workflows, and standards based on data, feedback, and emerging threat patterns.
Translates technical insights int

gorustawsazureaidevopsdatadesign