Engineering Manager - DevSecOps - REF8024I

Job Description:

We are looking for a seasoned DevSecOPS leader who is an engineer at heart. One who is passionate about Secured SDLC, about automation, about shifting-left, about using Gen AI to power product teams, about incorporating application security testing into the CI / CD pipelines, about creating a world class DevSecOPS infrastructure and processes for all of the Zscaler’s product teams and last but not the least, about bringing the best out of each of the team members. This role will report to the Sr. Director of Engineering. 

Position Overview

As the Engineering Manager for DevSecOps & Platform Engineering at Zscaler, you will play a crucial role in overseeing a team of highly skilled DevSecOps engineers, DevOps engineers, and developers focused on tool development, including AI/ML-based software solutions. This role requires a blend of hands-on technical expertise, leadership capabilities, and a deep understanding and experience of secured SDLC, application development, test automations, CI/CD pipelines, security scanning, and cloud infrastructure. You will collaborate closely with cross-functional teams to ensure the seamless delivery of secure, scalable, and efficient software products.

Responsibilities:

• • As a leader of the DevSecOps team, you will be responsible for all the operations that caters to multiple development teams. You will be taking hands-on responsibilities at the same time guiding a team of engineers , distributing tasks, tracking progress, facilitating them to make them successful in their functions.
  • Lead the implementation of Scaled Agile Framework (SAFe) across all teams: Apply your knowledge of SAFe practices to streamline development processes, promote agility, and enhance product delivery.
  • Lead product development efforts for internal tools leveraging AI /ML and Code LLM capabilities.
  • Own the end-to-end process for Open-Source License Governance and Vulnerability assessment in software applications developed by several other teams, using tools like Blackduck or Snyk integrated in the CI pipelines.
  • Dev Infra Management: Responsible for administration & maintenance of source control management systems, such as Bit Bucket, Subversion, GitHub, SubGit, & Nexus, CI/CD systems, Artefact management repositories, test beds etc.
  • Design branching strategies, branch access permissions, merge checks, quality gates vi CI build plan integration on pull requests, to allow several teams to work in parallel on multiple product lines.
  • Work with several different teams and develop and manage the Continuous Integration pipelines for applications developed by them in languages like C, C++, Java and Javascript.
  • Responsible for integrating SAST, DAST or IAST tools into the CI / CD pipelines
  • Defining and tracking KPIs related to CI/CD for the development teams
  • Creating deployment pipelines to public cloud infrastructure with adequate gates built in (automated or manually triggered)
  • Train and coach product teams on Devsecops best practices and scaled agile frameworks (SAFe)
  • Responsible for managing the required infrastructure for DevSecOps
  • Responsible for administration and maintenance of Atlassian stack of tools such as JIRA, Bamboo, BitBucket and Confluence

Minimum Qualifications:

• 10 years of hands-on experience in app development, build & release management, setting up CI/CD pipelines, managing various tools required in the software lifecycle, Scripting in shell, Python, Groovy or Programming knowledge on Java / C /C++ with  Unix / Linux systems expertise .
• Minimum 2-4 years of team lead experience
• Experience in domains like Application Security, API Security, DevSecOps , Devops  and AI/ML is preferred .
• Good communicator and motivator
• Expertise in using build tools like Maven, Gradle, NPM, Ant, Make for the building of deployable artifacts.
• Expertise in using tools like Jenkins or Bamboo. Hands-on experience in installing and administering CI tools like Bamboo, Hudson/Jenkins, Sonarqube, Subversion, Nexus or JFrog artifactory.
• Experience with static analysis tools like Synopsys Coverity, Fortify, Veracode etc.
• Experience with Code coverage tools like SonarQube, Jacoco, GCov or Bullseye.
• Experienced in using Docker components like Docker Engine, Hub, Swarm, Docker Registry, handling Docker images primarily for middleware installations and domain configurations. Knowledge of Kubernetes.
• Deep knowledge of automation technologies such as Ansible, Puppet or Chef
• Good experience in converting build.xml into pom.xml in order to build the applications using Maven.
• Excellent leadership skills with a track record of managing high-performing teams.
• Ability to work collaboratively with cross-functional teams.
• Programming exp of Python, JAVA, C, C++ , Javascript, SQL and Postgresql or Mysql.
• Working experience with reporting services like JIRA installation and administration
• Good understanding of the principles and best practices of Software Configuration Management (SCM) in Agile, scrum, and Waterfall methodologies.
• Knowledge of AWS tools (EC2, S3, RDS etc.)
• Strong presentation and communication skills
• Self-motivated, takes ownership and accountability and an empathetic leader who nurtures a team to bring the best out of them.
• Bachelor's Degree in Engineering, CS, MIS, or related field

#LI-VN1