Job Purpose
The Director, DevSecOps is responsible for providing communication, integration, automation, and fluidcooperation between all cross- functional teams to plan, develop, test, deploy, release, and maintain a solution;managing and leading DevSecOps team to design, implement, automate, and enhance the ContinuousDelivery/Continuous Integration pipelines that represent the DevSecOps ways of working, workflows, and gitoperations to deliver functionalities from proof of concepts to an on- demand release of value to the end user.
Key Accountabilities
Main work:
- Continuous Delivery Through DevSecOps Factory:
+ Continuous Deployment of services and platforms from non- production all the way to production.
+ Continuous Integration by building, integrating features, bugs fixing the new versions of services andplatforms; automating end- to- end testing and validating application services on non- production environments.
+ Build, map and optimize the delivery of Continuous Delivery pipelines by addressing key elements such as:Process time, Lead time, Delay time, Percentage of completion and accuracy.
+ Release applications/services features fast, efficiently, and first to market on demand of business.
+ Continuous Exploration by analyzing and researching the development and implementation of newtechnologies/features; modification and improvement of existing architectures; define and prioritize activities inthe platform backlog according to its needs.
- DevSecOps Factory:
+ Build, automate, enhance, and integrate security governance: Application và platform continuous securitymonitoring; API security Testing; Penetration testing; Protocol Fuzzing; Threat Modeling.
+ Build, implement, improve and measure DevSecOps factory: Tools Chain, Culture, Ways of Working, Mind Set
- Report periodically to the Head of IT Infrastucture Services.
Optimization and compliance:
- Implement and enhance automated Test and Verification, with:
+ Verification of expected business value.
+ Defects found and fixed immediately (Roll forward)
- Increase visibility with automated generation of Information and Reporting, by providing:
+ Cross- reference across organizational boundaries
+ Dynamic self- service of information
+ Customizable dashboards
- Build trust between software engineering and IT, enable organic process improvement and risk mitigation.
- Maximize business value by enabling technical staff to adapt to changing requirements or environmentalfactors.
- Engage stakeholders early and consistently throughout the SDLC, leading to few defects and incorrectrequirements.
PEOPLE MANAGEMENT
- Attract, onboard and retain the right talents for a high- performing team
- Responsible for developing talents within the function/ sub- function
- Manage sub- function/ function performance & provide feedback regularly (following the annual performancemanagement cycle)
- Understand & communicate relevant HR offerings to team members.
- Oversee human resources planning and execution (headcount & costs) of their function/ sub- function
- Establish and communicate sub- function/ function and individual KRAs/ KPIs, goals, action plan, expectationsand results to reporting line
- Act as a role model and promote corporate culture at function/ sub- function level
- Motivate and recognize team members’ contributions towards the team’s shared goals
- Define team’s capability requirements and enable team member’s professional and personal developmentthrough capability assessment, training, coaching & feedback, mentoring, etc.
