Jobs · Management · New Jersey

Global Head of DevOps Services

Chubb · Jersey City, NJ · 2 wk ago
Management$240k–$280k/yrFull-time

About the role

The Global Head of DevSecOps is responsible for building and scaling the DevSecOps function globally. This is a hands-on technical leadership role where you will architect automation and enforcement mechanisms that make security invisible to developers while maintaining complete control and visibility.

Responsibilities

  • Automation & Enforcement: Design and implement foundational DevSecOps platforms that automate security policy enforcement across CI/CD pipelines, infrastructure-as-code, container registries, and deployment systems.

  • Build verification systems that provide real-time evidence of compliance, vulnerability remediation, and security posture—eliminating manual audits.

  • Lead technical architecture decisions for secrets management, supply chain security, and artifact signing.

  • AI native software engineering expert: Make security frictionless by design tools and workflows so developers want to follow security practices.

  • Shift left: Move security testing, scanning, and validation to local development and early CI stages.

  • Build dashboards, APIs, and CLIs that give developers transparency into their security posture without overwhelming them.

  • Champion zero-friction onboarding: new engineers should inherit secure defaults with minimal training.

  • Code regularly in your areas of leverage; pair with teams on high-impact automation projects; stay in the trenches on the hardest technical problems.

  • Own critical-path infrastructure: build and maintain your team's CI/CD platforms, secrets systems, and policy engines.

  • Drive incident response for security and reliability issues; be the expert responder, not just the director.

  • Organizational Influence & Change: Partner with engineering leaders to shift security ownership; security is not a gate, it's engineering culture.

  • Communicate transparently about risk, tradeoffs, and implementation status—especially when timelines slip or priorities conflict.

  • Enforce standards without being perceived as a blocker; design policies that developers will adopt voluntarily.

  • Build a high-impact, lean team (likely 8–15 leads) that punches well above its weight.

  • Compliance & Risk: Own the evidence and documentation for SOC 2, ISO 27001, and regulatory audits—automate away manual compliance work.

  • Drive continuous verification of security controls; eliminate the painful spring audits.

  • Partner with Enterprise Risk and Legal on policy, but ensure the technical implementation is sound.

Qualifications

  • 12+ years of software engineering and DevOps experience; 5+ years building or scaling security/compliance automation at significant scale (100+ engineers).

  • Strong coding skills across multiple languages; comfortable shipping production code and debugging in production.

  • Deep hands-on knowledge of: Kubernetes/container orchestration, CI/CD systems (GitHub Actions, Jenkins, Ansible are a must), policy-as-code (OPA), infrastructure-as-code, secrets management.

  • Experience designing and owning high-availability, high-observability systems that must earn trust.

  • Proven track record of building and scaling engineering teams through hiring, mentorship, and technical direction.

  • Ability to influence without authority: cross-functional alignment with product, infra, and risk teams.

  • Comfort in ambiguity; can prioritize ruthlessly and say "no" to protect team capacity.

  • Track record of driving organizational change in security/compliance without friction.

  • Automation obsessive: if it's done manually more than twice, it's a problem.

  • Mindset of transparency and directness: you communicate bad news early, explain tradeoffs, and own mistakes.

  • Learning hunger: security and DevOps evolve constantly; you stay sharp and drive continuous improvement.

What We're Looking For

  • Technical chops: 5+ years in DevSecOps, platform engineering, or security engineering roles at scale (100+ engineers).

  • Production experience with Kubernetes and container security.

  • Hands-on experience with policy-as-code, scanning (SAST, DAST, SCA), and secrets management.

  • Experience designing and communicating compliance/audit evidence to non-technical stakeholders.

  • Bachelor's degree in Computer Science, Engineering, or equivalent professional experience.

  • Preferred experience at a regulated industry (financial services, healthcare, insurance).

  • Background in incident response or security operations.

  • Open source contributions in DevSecOps or infrastructure tooling.

  • Familiarity with zero-trust architecture or advanced threat detection.

  • Familiarity with financial services compliance (SOC 2, PCI, NIST).

Pay and Benefits

The pay range for the role is $240,000 to $280,000. The specific offer will depend on an applicant’s skills and other factors. This role may also be eligible to participate in a discretionary annual incentive program.

Chubb offers a comprehensive benefits package, more details on which can be found on our careers website.

Similar jobs

Director of DevOps

ExostarHerndon, VA· 2 wk ago
Information Technologyapply on recruiting.ultipro.com

Director of DevOps

Origami RiskUnited States· 1 wk ago
RemoteManagement$175k–$222k/yrapply on careers-origamirisk.icims.com