Digital DevSecOps Engineering Manager

Job Description:

The DevSecOps Engineering Manager will lead a team responsible for building, securing, and operating cloud‑native infrastructure and CI/CD platforms. This role combines deep technical expertise with strong leadership, enabling the organization to deliver secure, scalable, and reliable applications. The ideal candidate brings a security‑first mindset, thrives in fast‑moving environments, and excels at guiding engineers while partnering with cross‑functional teams.

Key Responsibilities

Leadership & Team Management

• Lead, mentor, and develop a team of DevSecOps engineers, fostering a culture of ownership, collaboration, and continuous improvement.
• Set clear goals, performance expectations, and career development plans for team members.
• Manage resource allocation, workload distribution, and hiring to ensure the team can meet delivery and operational commitments.
• Communicate priorities, risks, and capacity constraints to stakeholders to ensure alignment and realistic expectations.
• Drive cross‑functional collaboration with engineering, security, product, and operations teams.

Cloud Engineering & Operations

• Oversee the design, implementation, and optimization of cloud infrastructure (AWS, Azure, or GCP) with a focus on reliability, scalability, and cost efficiency.
• Ensure operational excellence across cloud environments, including monitoring, incident response, and performance tuning.
• Guide the adoption and maintenance of Infrastructure as Code (Terraform, CloudFormation, Pulumi).
• Lead the management of container orchestration platforms (Kubernetes, ECS, AKS, GKE) and ensure secure, efficient cluster operations

DevSecOps, Automation & Platform Engineering

• Architect and maintain secure CI/CD pipelines with automated testing, scanning, and compliance checks.
• Champion security‑by‑design principles throughout the SDLC, partnering closely with development teams.
• Oversee implementation of secrets management, identity and access controls, and policy‑as‑code frameworks.
• Drive automation initiatives to reduce manual work, improve reliability, and accelerate delivery.

Security & Compliance

• Lead threat modeling, vulnerability management, and risk assessments across cloud and application environments.
• Ensure adherence to compliance frameworks (SOC 2, ISO 27001, NIST, PCI, HIPAA depending on the organization).
• Oversee monitoring and response to security events using SIEM, CSPM, and cloud‑native security tools.
• Promote a culture of secure engineering practices across the organization.

Operational Excellence

• Lead incident response efforts and participate in on‑call rotations as needed.
• Ensure robust observability through dashboards, alerts, and monitoring tools (Prometheus, Grafana, Datadog, CloudWatch).
• Drive root cause analysis and implement long‑term improvements to prevent recurring issues.
• Maintain documentation, runbooks, architectural diagrams, and operational standards.

Job Requirements:

• Education: Bachelor’s degree in business, Computer Science, or a related field. MBA or advanced degree is a plus.
• Experience: 10+ years of experience in DevSecOps, Cloud Engineering, or Site Reliability Engineering role.
• Proven experience in a DevSecOps, Cloud Engineering, or Site Reliability Engineering role.
• Prior experience managing or leading engineering teams.
• Strong expertise with at least one major cloud provider (AWS, Azure, or GCP).
• Hands‑on experience with CI/CD pipelines and automation frameworks.
• Solid understanding of Linux systems, networking, and troubleshooting.
• Experience with containers and orchestration (Docker, Kubernetes).
• Familiarity with security tooling (SAST, DAST, SCA, SIEM, CSPM, IAM).
• Proficiency with scripting languages (Python, Bash, PowerShell).
• Experience with IaC tools (Terraform, CloudFormation, ARM, Pulumi).

Preferred

• Certifications such as AWS Solutions Architect, Azure Administrator, Security+, CISSP, or Kubernetes CKA/CKS.
• Experience with zero‑trust architectures and policy‑as‑code (OPA, Sentinel).
• Background in incident response or security operations.
• Knowledge of microservices architecture and API security.

Soft Skills

• Strong communication and stakeholder management.
• Ability to balance security, speed, and operational stability.
• Strategic thinking with a hands‑on, problem‑solving mindset.
• Ability to lead through ambiguity and fast‑paced environments.
• Commitment to mentorship, team growth, and inclusive leadership.

#LI-RJ1

#LI-Remote

IND123

Target Market Salary Range:

Actual compensation packages take into account a wide range of factors that are unique to each candidate, including but not limited to geographic location; skill sets; relevant education and certifications; depth of experience; performance; and other business and organizational needs. The disclosed reasonable estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled.  At Envista, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. The total compensation package for this position may also include an annual performance bonus, medical/dental/vision benefits, 401K match, and/or other applicable compensation plans.

Operating Company:

Envista is a global leader in the dental industry, uniting more than 30 trusted brands—including DEXIS, Kerr, Nobel Biocare, and Ormco—under one mission: partnering with dental professionals to improve patients’ lives. With a heritage of category-defining innovation, our brands have shaped modern dentistry: Nobel Biocare introduced the first dental implant, Ormco is a pioneer in both traditional and digital orthodontics, DEXIS has long been at the forefront of 2D, 3D and intraoral imaging, and Kerr has supported clinicians for over 135 years. Our high-performing culture is underpinned by our CIRCLe Values and the Envista Business System. Guided by these, we deliver a comprehensive portfolio of technologies, consumables, and services that empower clinicians to provide confident, efficient care—today and for the future. Learn more at http://envistaco.com.

Envista and all Envista Companies are equal opportunity employers that evaluate qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity, or other characteristics protected by law. The “EEO is the Law” poster is available at: http://www.dol.gov/ofccp/regs/ compliance/posters/pdf/eeopost.pdf.

Envista and its family of companies (Envista) will not accept unsolicited resumes from any source other than directly from a candidate.  Envista will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee-based referral services and recruiting agencies (Agency) to have been referred by the Agency free of charge and Envista will not pay a fee for any placement resulting from the receipt such unsolicited resumes.  An Agency must obtain advance written approval from Envista's internal Talent Acquisition or Human Resources team to submit resumes, and then only in conjunction with a valid fully-executed contract approved by the Global Talent Acquisition leader and in response to a specific job opening.  Envista will not pay a fee to any Agency that does not have such agreement and written approval in place.