
Information Security Director (DevSecOps)

Posted on Aug 29, 2020 by Request Technology - Robyn Honquest

Virginia, VA
Immediate Start
Annual Salary


Information Security Director (DevSecOps)

Salary: $180k to $230k + 45k bonus

Location: McLean, VA

Looking for a Director-level candidate to manage staff and managers. You will have 5 plus years of application security experience and 10 plus years of management experience. You will oversee automation and integration of applications, security, CI/CD, and threat modelling. The Director of DevSecOps will lead and run the secure software development team.


  • Lead a team responsible for conducting static code analysis, threat modelling, and developer training program
  • Develop and execute secure software development strategy for the enterprise, including policies, standards and governance
  • Manage and design automation to integrate Application Security into various CI/CD across the enterprise
  • Develop communications program for application threats and external and internal security events
  • Improve and expand application security risk posture and processes; build and support metrics
  • Supervise the continuous release planning and execution and integrate with security design and engineering work across multiple groups and technical constituencies


  • Bachelor's degree in related field (Business, Information Services, IT, Information Security, etc.); Master's preferred
  • 10 years of advancing managerial work experience in a highly diversified organization. 10+ years of growing responsibility and work complexity to include progressive management roles in large, sophisticated organizations
  • At least 5 years with Applications Security, including familiarity with the top tier toolsets supporting Application Security (dynamic and static)
  • At least 2 years with product design, delivery, and ownership and threat modelling
  • Deep experience in enabling organizations with DevSecOps
  • Deep experience with establishing and executing application security strategy
  • Solid experience in static code analysis and third-party software composition analysis
  • Good experience in establishing and rolling out Threat Modeling enterprise-wide that can be consumed by developers and engineers
  • Good experience building security communities through evangelism and training programs
  • Knowledge of common information security management frameworks, including but not limited to: ISO 27001/27002, ITIL, COBIT and NIST
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired

Reference: 937846385
