About the role
DevSecOps Security Lead Remote: CST Contract: 6 months + ext Rate: $94 t4 or $105 t4a
Required Skills & Experience • 5+ years of experience in DevSecOps, Application Security, or security engineering roles within enterprise/regulatory environments • Hands-on experience assessing and securing CI/CD pipelines, including workflow/YAML review and validation • Strong understanding of secure software delivery lifecycle (build, test, deploy) • Experience evaluating and validating security controls within DevOps workflows • Knowledge of common CI/CD risks (e.g., secrets management, dependency vulnerabilities, pipeline integrity, access controls) • Experience conducting structured risk assessments, documenting findings, and recommending remediation strategies • Experience supporting security tooling evaluations, proof-of-concepts, or vendor assessments • Ability to translate security requirements into practical pipeline controls and validation steps • Strong collaboration experience working with DevOps, Platform Engineering, and development teams • Excellent written communication skills with the ability to produce audit-ready documentation and reporting
Nice to Have Skills & Experience • Experience supporting large-scale or federated DevOps environments • Exposure to cloud-based CI/CD pipeline architectures • Familiarity with governance, risk, and compliance (GRC) frameworks within CI/CD environments • Experience contributing to standardized pipeline definitions or enterprise DevOps patterns
Job Description Insight Global is looking for a DevSecOps Security Lead to join a large banking client on a 6-month contract with high likelihood of extension. This role is remote (Canada/US, CT preferred hours 9am–5pm). The successful candidate will support enterprise-wide CI/CD security initiatives across DevOps platforms. This is a hands-on, execution-focused role working closely with Application Security and Platform Engineering teams to assess pipeline risks, validate security tooling, and improve compliance across DevSecOps workflows. Primary responsibilities include conducting structured assessments of CI/CD pipelines, validating tooling through proof-of-concepts, reviewing YAML-based workflows, identifying security gaps, and producing audit-ready documentation and compliance reporting. The candidate will also partner with DevOps teams to ensure feasibility of remediation efforts and help improve scalability and governance across pipeline environments.
Please Note: We may use artificial intelligence tools to assist with the screening, assessment, or selection of potential applicants for this position.