DevSecOps Lead Engineer

Please note - Looking for highly qualified, dynamic, motivated and hands on DevSecOps leader who can work onsite in our Hi-Tech city office. Should be able to build a team with 2-3 additional engineers.

Role: DevSecOps Lead Engineer

Position Overview

SimplifyVMS is seeking an experienced
DevSecOps Lead Engineer
with over 10 years of proven expertise in building and securing
global, multi-tenant SaaS platforms
. The ideal candidate will have deep hands-on experience in
DevSecOps practices, automation, and cloud-native security
within an
AWS environment
, coupled with a strong technical background in the
MEAN stack
(MongoDB, , Angular, ) and
MACH architecture
(Microservices, API-first, Cloud-native, Headless).

This leadership role will oversee the design, implementation, and continuous improvement of secure CI/CD pipelines, cloud infrastructure, and application security across SimplifyVMS's global SaaS offerings.

Key Responsibilities

DevSecOps Leadership

• Lead and mentor the DevSecOps team, driving a "security by design" culture across engineering.
• Define and implement DevSecOps strategies aligned with MACH principles for global SaaS platforms.
• Partner with development, QA, product, and infrastructure teams to integrate security at every stage of the SDLC.

Cloud & Infrastructure Security

• Architect and secure highly available, multi-tenant AWS cloud environments.
• Design infrastructure as code (IaC) using Terraform/CloudFormation.
• Implement robust monitoring, logging, and alerting strategies (e.g., CloudWatch, ELK, Prometheus).

Application & Data Security

• Embed automated security scanning and compliance validation into CI/CD pipelines.
• Ensure secure APIs, microservices, and containerized workloads across Kubernetes/ECS/EKS.
• Apply advanced security practices for MongoDB and MEAN stack applications in a multi-tenant context.

Compliance & Governance

• Ensure compliance with global regulatory frameworks (e.g., GDPR, SOC 2, ISO
• Develop and enforce policies for identity and access management, data protection, and incident response.

Innovation & Optimization

• Evaluate and implement modern DevSecOps tools for vulnerability management, secrets management, and SAST/DAST.
• Drive continuous improvement initiatives in automation, scalability, and cost optimization.

Required Skills & Qualifications

• Experience
  : 10+ years in DevOps/DevSecOps, with at least 5 years leading security-driven initiatives for
  global SaaS platforms
  .
• Architecture
  : Deep understanding of
  MACH architecture
  and microservices in multi-tenant SaaS contexts.
• Cloud
  : Advanced AWS expertise (VPC design, IAM, EKS/ECS, Lambda, S3, RDS, CloudFront, Route 53, WAF, GuardDuty, etc.).
• CI/CD
  : Proven experience with CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions, or equivalent) with integrated security gates.
• Containers & Orchestration
  : Strong Kubernetes/Docker knowledge, including securing workloads in production.
• Security Tooling
  : Hands-on experience with tools like SonarQube, Snyk, Aqua, Prisma Cloud, HashiCorp Vault, etc.
• Programming/Stack
  : Strong foundation in
  MEAN stack
  with security-focused coding practices.
• IaC & Automation
  : Proficiency with Terraform/CloudFormation and scripting (Python, Bash, etc.).
• Soft Skills
  : Strong leadership, communication, and cross-functional collaboration abilities.

Preferred Qualifications

• Certifications such as
  AWS Certified Security – Specialty
  ,
  CISSP
  ,
  CISM
  , or
  Certified Kubernetes Security Specialist (CKS)
  .
• Prior experience securing
  multi-tenant SaaS systems at scale
  .
• Familiarity with DevSecOps maturity frameworks and security governance in global enterprises.

Why Join SimplifyVMS?

• Be part of a
  global SaaS leader
  revolutionizing vendor management with a cutting-edge
  MACH-based architecture
  .
• Lead security and DevSecOps strategy in a
  high-growth, multi-tenant environment
  .
• Collaborate with world-class engineers across MEAN stack, AWS cloud, and modern DevSecOps tooling.
• Opportunity to shape and secure a
  next-generation platform
  used by enterprises worldwide.