DevSecOps Lead Engineer

Please note - Looking for highly qualified, dynamic, motivated and hands on DevSecOps leader who can work onsite in our Hi-Tech city office. Should be able to build a team with 2-3 additional engineers.Role: DevSecOps Lead EngineerPosition OverviewSimplifyVMS is seeking an experienced DevSecOps Lead Engineer with over 10 years of proven expertise in building and securing global, multi-tenant SaaS platforms. The ideal candidate will have deep hands-on experience in DevSecOps practices, automation, and cloud-native security within an AWS environment, coupled with a strong technical background in the MEAN stack (MongoDB, Express.js, Angular, Node.js) and MACH architecture (Microservices, API-first, Cloud-native, Headless).This leadership role will oversee the design, implementation, and continuous improvement of secure CI/CD pipelines, cloud infrastructure, and application security across SimplifyVMS’s global SaaS offerings.Key ResponsibilitiesDevSecOps Leadership- Lead and mentor the DevSecOps team, driving a “security by design” culture across engineering. - Define and implement DevSecOps strategies aligned with MACH principles for global SaaS platforms. - Partner with development, QA, product, and infrastructure teams to integrate security at every stage of the SDLC.Cloud & Infrastructure Security- Architect and secure highly available, multi-tenant AWS cloud environments. - Design infrastructure as code (IaC) using Terraform/CloudFormation. - Implement robust monitoring, logging, and alerting strategies (e.g., CloudWatch, ELK, Prometheus).Application & Data Security- Embed automated security scanning and compliance validation into CI/CD pipelines. - Ensure secure APIs, microservices, and containerized workloads across Kubernetes/ECS/EKS. - Apply advanced security practices for MongoDB and MEAN stack applications in a multi-tenant context.Compliance & Governance- Ensure compliance with global regulatory frameworks (e.g., GDPR, SOC 2, ISO 27001). - Develop and enforce policies for identity and access management, data protection, and incident response.Innovation & Optimization- Evaluate and implement modern DevSecOps tools for vulnerability management, secrets management, and SAST/DAST. - Drive continuous improvement initiatives in automation, scalability, and cost optimization.Required Skills & Qualifications- Experience: 10+ years in DevOps/DevSecOps, with at least 5 years leading security-driven initiatives for global SaaS platforms. - Architecture: Deep understanding of MACH architecture and microservices in multi-tenant SaaS contexts. - Cloud: Advanced AWS expertise (VPC design, IAM, EKS/ECS, Lambda, S3, RDS, CloudFront, Route 53, WAF, GuardDuty, etc.). - CI/CD: Proven experience with CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions, or equivalent) with integrated security gates. - Containers & Orchestration: Strong Kubernetes/Docker knowledge, including securing workloads in production. - Security Tooling: Hands-on experience with tools like SonarQube, Snyk, Aqua, Prisma Cloud, HashiCorp Vault, etc. - Programming/Stack: Strong foundation in MEAN stack with security-focused coding practices. - IaC & Automation: Proficiency with Terraform/CloudFormation and scripting (Python, Bash, etc.). - Soft Skills: Strong leadership, communication, and cross-functional collaboration abilities.Preferred Qualifications- Certifications such as AWS Certified Security – Specialty, CISSP, CISM, or Certified Kubernetes Security Specialist (CKS). - Prior experience securing multi-tenant SaaS systems at scale. - Familiarity with DevSecOps maturity frameworks and security governance in global enterprises.Why Join SimplifyVMS?- Be part of a global SaaS leader revolutionizing vendor management with a cutting-edge MACH-based architecture. - Lead security and DevSecOps strategy in a high-growth, multi-tenant environment. - Collaborate with world-class engineers across MEAN stack, AWS cloud, and modern DevSecOps tooling. - Opportunity to shape and secure a next-generation platform used by enterprises worldwide.