Job Description

Role Summary 
We are looking for a highly skilled and experienced Senior DevOps Engineer to be the 
definitive expert in securing our entire software supply chain, with a primary focus on our 
GitHub Enterprise Cloud environment. You will be responsible for designing, implementing, 
and enforcing security controls, automation, and governance to ensure our code, 
configurations, and CI/CD pipelines meet the highest security standards.

 Key Responsibilities (Must-Haves) 
The candidate must demonstrate proven, hands-on experience in the following areas: 
● GitHub Security & Governance: 
○ Serve as the primary administrator and security lead for GitHub Enterprise 
Cloud. 
○ Design and enforce organization-wide security policies, including Branch 
Protection Rules, user permissions, and repository creation standards. 
○ Deep expertise in implementing and leveraging GitHub Advanced Security 
(GHAS) features: Code Scanning (CodeQL), Secret Scanning, and 
Dependency Review. 
● DevSecOps Automation: 
○ Integrate security tools directly into the CI/CD pipeline using GitHub Actions. 
○ Automate security checks for static code analysis (SAST), dynamic analysis 
(DAST), and software composition analysis (SCA). 
○ Manage and secure sensitive credentials using a Secrets Management 
platform (e.g.Azure Key Vault). 
● Identity and Access Management (IAM): 
○ Maintain and optimize the secure integration of GitHub with our Identity 
Provider (IdP) for Single Sign-On (SSO) and automated provisioning (SCIM). 
○ Implement and enforce Least Privilege Access models for users, teams, 
and CI/CD service accounts (e.g., using OIDC with GitHub Actions). 
● Infrastructure as Code (IaC) & Auditing: 
○ Implement and maintain GitHub configurations as code using Terraform or 
equivalent tools for version control, auditability, and consistency. 
○ Develop automated scripts (Python/Bash) for security reporting, drift 
detection, and remediation within the GitHub ecosystem. 
 

 Desirable Qualifications (Good-to-Haves) 
The ideal candidate will also bring experience in these value-add areas: 
● Advanced CI/CD & Cloud: 
○ Experience with cloud security principles and securing pipelines that deploy 
to Azure. 
○ Knowledge of OIDC implementation for secure, keyless deployment from 
GitHub Actions to cloud environments. 
● Compliance & Risk: 
○ Experience in designing automated vulnerability triage and ticketing 
workflows (e.g., integrating GHAS alerts into Jira). 
● Community and Mentorship: 
○ Proven ability to work with development teams, fostering a "security 
champion" culture and driving the adoption of secure development practices. 
○ Experience writing, reviewing, and hardening custom GitHub Actions. 
 

 Required Experience & Skills 
● 5+ years of experience in a DevOps, SRE, or Application Security role. 
● 3+ years of dedicated experience administering and securing GitHub Enterprise. 
● Expert proficiency with Git and advanced Git workflows. 
● Expertise with Infrastructure as Code (Terraform.). 
● Strong scripting skills (Python preferred). 
● Excellent communication and cross-team collaboration skills.

● 5+ years of experience in a DevOps, SRE, or Application Security role. 
● 3+ years of dedicated experience administering and securing GitHub Enterprise. 
● Expert proficiency with Git and advanced Git workflows. 
● Expertise with Infrastructure as Code (Terraform.). 
● Strong scripting skills (Python preferred). 
● Excellent communication and cross-team collaboration skills.