Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.
We are seeking an experienced and dynamic DevSecOps Manager to lead and manage the integration of security practices into our DevSecOps pipeline. In this role, you will be responsible for overseeing the development, implementation, and continuous improvement of secure DevSecOps processes, ensuring that security is embedded into every phase of the software development lifecycle (SDLC). You will work closely with cross-functional teams (development, operations, security) to deliver high-quality, secure applications and infrastructure.
Leadership & Strategy:
Lead and mentor a team of DevSecOps engineers and security professionals, fostering a culture of security-first mindset within the development and operations teams.
Develop and execute a strategic roadmap for embedding security into our DevSecOps processes, with a focus on automation, continuous monitoring, and proactive risk management.
Partner with development, operations, and security teams to ensure security requirements are clearly defined and met.
Security Automation & Integration:
Drive the adoption and integration of automated security testing and tools (e.g., SAST, DAST, SCA, vulnerability scanning) into CI/CD pipelines.
Design, implement, and maintain secure CI/CD workflows, ensuring security checks are performed at every stage of the development lifecycle.
Ensure secure coding practices are enforced, and security testing is a part of the build and deployment process.
Collaboration:
Work closely with developers, system administrators, and security teams to ensure security is seamlessly integrated into all aspects of software development and operations.
Evangelize DevSecOps best practices and help build a culture of shared responsibility for security.
5+ years of experience in DevSecOps or Security Engineering, with at least 2 years in a leadership or managerial role.
In-depth knowledge of DevSecOps principles, CI/CD pipelines, and related technologies (e.g., Jenkins, GitLab, CircleCI, Docker, Kubernetes).
Strong experience with security tools and practices, including but not limited to static and dynamic analysis tools, vulnerability scanning, container security, and infrastructure-as-code security (e.g., Terraform, Ansible, AWS Security, etc.).
Familiarity with cloud environments (AWS, Azure, GCP) and securing cloud infrastructure.
Familiarity with scripting and automation tools (e.g., Python, Bash, PowerShell, Terraform, Ansible).
Solid understanding of threat modeling, risk management, and vulnerability management.
Knowledge of security frameworks (e.g., NIST, CIS, OWASP Top 10) and regulatory standards (e.g., GDPR, SOC 2, PCI-DSS).
Experience with identity and access management (IAM), encryption, and endpoint security.
Soft Skills:
Strong leadership, communication, and interpersonal skills, with the ability to influence and collaborate with cross-functional teams.
Excellent problem-solving and analytical skills, with a proactive and solutions-oriented mindset.
Ability to prioritize and manage multiple tasks in a fast-paced, dynamic environment.
Strong organizational skills with an ability to lead projects and meet deadlines.
Ability to educate and coach both technical and non-technical stakeholders on security best practices.
Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent work experience).
Relevant certifications, such as CISSP, CISM, CISA, AWS Certified Security Specialty, or similar, are a plus.
Experience with Infrastructure as Code (IaC) and security tools like Terraform, AWS CloudFormation, or similar.
Experience working in an agile or DevSecOps-driven environment.
Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact jobs@globalpay.com.