DevSecOps Architect

Overview

Hybrid
Depends on Experience
Accepts corp to corp applications
Contract - W2
Contract - 12 Month(s)

Skills

DevSecOps
SAP
Security Controls
DevOps

Job Details

Job Title: DevSecOps Architect Enterprise Platforms (SAP & Salesforce)

Location: Oakland, CA 94612 (Hybrid)

Duration: 12+ Months

Job Description:

The DevSecOps Architect is a senior technical role responsible for embedding security best practices throughout the software development lifecycle (SDLC), ensuring that security is a foundational element from design through deployment and operations. This position will lead the integration of security into CI/CD pipelines across diverse platforms, including SAP, Salesforce, and other enterprise systems. The ideal candidate will possess deep expertise in security testing methodologies such as Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), and will be adept at automating and orchestrating security controls within modern DevOps workflows.

Key Responsibilities

  1. Security Integration Across the SDLC
  • Champion and implement security by design, ensuring security considerations are embedded from the initial design phase through to deployment and maintenance.
  • Develop and enforce secure coding standards, conduct threat modeling, and perform security risk assessments during the planning and design phases.
  • Lead the adoption of best practices for continuous security testing, including regular security audits and reviews to maintain an effective security posture.
  2. CI/CD Pipeline Development and Integration
  • Architect, implement, and maintain CI/CD pipelines for SAP, Salesforce, and other platforms, leveraging both platform-specific and general-purpose automation tools.
  • Integrate automated security testing (SAST, DAST, SCA) into CI/CD workflows to ensure vulnerabilities are identified and remediated early in the development process.
  • Collaborate with development, QA, and operations teams to streamline deployment processes and ensure secure, reliable software delivery.
  3. Security Testing and Automation
  • Select, configure, and manage SAST and DAST tools, ensuring they are effectively integrated into development and deployment pipelines.
  • Oversee the implementation of additional security testing methodologies such as Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), and penetration testing.
  • Automate security controls and testing to provide continuous feedback and reduce manual intervention.
  4. Platform-Specific Security and CI/CD
  • Design and implement CI/CD pipelines tailored for SAP environments, utilizing SAP's Continuous Integration and Delivery services and ensuring compliance with SAP-specific requirements.
  • Develop and maintain CI/CD processes for Salesforce, leveraging Salesforce CLI, version control, and automated testing frameworks to meet platform-specific deployment and security needs.
  • Extend DevSecOps practices to other enterprise platforms as required, ensuring consistency and scalability across the organization.
  5. Governance, Compliance, and Risk Management
  • Ensure all security practices align with industry standards (e.g., OWASP Top Ten, CWE/SANS Top 25) and regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).
  • Conduct regular security risk assessments and audits, and provide actionable recommendations for continuous improvement.
  • Maintain documentation and provide training to development and operations teams on secure development and deployment practices.

Required Skills and Qualifications

Technical Skills

  • Deep expertise in SAST and DAST tools and methodologies, with hands-on experience integrating these into CI/CD pipelines.
  • Proficiency in programming and scripting languages (e.g., Python, Java, Ruby) and familiarity with DevOps tools (e.g., Docker, Kubernetes, Jenkins, GitHub Actions, GitLab CI).
  • Strong understanding of cloud-native technologies and public cloud platforms (AWS, Azure, Google Cloud Platform).
  • Experience with SAP and Salesforce development, deployment, and security best practices.

Security and Compliance

  • In-depth knowledge of secure coding practices, vulnerability management, and security automation.
  • Familiarity with compliance frameworks and the ability to implement controls to meet regulatory requirements.

Certifications (Preferred)

  • Certified DevSecOps Engineer (CDSOE), Certified DevSecOps Professional (CDP), or EC-Council Certified DevSecOps Engineer (E|CDE).
  • General security certifications such as CISSP or CISM.
  • Cloud and DevOps certifications (e.g., Certified Kubernetes Security Specialist, AWS/Azure security certifications).

Experience

  • Several years of experience in software development, IT operations, or cybersecurity, with a focus on integrating security into DevOps processes.
  • Demonstrated experience architecting and implementing CI/CD pipelines for SAP, Salesforce, and other enterprise platforms.

Soft Skills

  • Strong communication and collaboration skills to work effectively with cross-functional teams.
  • Analytical mindset with the ability to assess risks and propose effective mitigation strategies.
  • Commitment to continuous learning and staying updated with the latest security trends and tools.

Key Tools and Technologies

  • SAST Tools: JFrog, Checkmarx, SonarQube, Veracode, Semgrep, Snyk Code.
  • DAST Tools: OWASP ZAP, Burp Suite, and other leading DAST solutions.
  • CI/CD Platforms: Jenkins, GitHub Actions, GitLab CI, SAP Continuous Integration and Delivery, Salesforce CLI.
  • Version Control: Git and related branching/merging strategies.
  • Cloud Platforms: AWS, Azure, Google Cloud Platform.

Summary

The DevSecOps Architect is a pivotal role that ensures security is seamlessly integrated into every phase of the software development and deployment lifecycle. By leveraging expertise in SAST, DAST, CI/CD pipeline automation, and platform-specific best practices for SAP, Salesforce, and other systems, this role drives the organization's ability to deliver secure, reliable, and compliant software at scale.
