DevSecOps Lead

Phinia · Bengaluru, India
Full-time · Hybrid · 2w ago
Ansible · CI/CD · Compliance · DevSecOps · Docker · Leadership

About the role

PHINIA: Advancing sustainability today, powering a cleaner tomorrow.

PHINIA is an independent, market-leading, premium solutions and components provider with over 100 years of manufacturing expertise and industry relationships, with a strong brand portfolio that includes DELPHI®, DELCO REMY® and HARTRIDGE™. With over 12,500 employees across 43 locations in 20 countries, PHINIA is headquartered in Auburn Hills, Michigan, USA.

At PHINIA, we provide fuel systems, electrical systems, and aftermarket products and solutions of the highest quality - developed and manufactured responsibly - that are designed to enhance efficiency and reduce the environmental impact of vehicles, industrial machinery, and other applications. In doing so, we contribute to a cleaner tomorrow, treat our people and surrounding communities with respect, and hold ourselves accountable to robust ethical standards.

Our Culture

PHINIA promotes and cultivates an inclusive culture and diverse perspectives, strives to maintain its reputation for excellence, thrives on the power of collaboration, and fosters the development of our talented employees. We believe in making a positive impact through our business and actions, and we take our collective responsibility seriously.

Career Opportunities

We believe in building a brighter tomorrow for our employees as well as our customers and encourage you to learn about our long history, strong culture, new technologies, and future vision. We offer a strong local presence and interesting global opportunities. Join us on this shared journey toward a brighter tomorrow.

JOB PURPOSE

PHINIA is seeking a DevSecOps Lead to own the strategy and execution of secure software delivery across PHINIA. This role embeds security-by-design into CI/CD pipelines and infrastructure‑as‑code, enables shift‑left testing, and drives operational resilience (observability, reliability, and recovery) for applications and services.
Partnering with Infrastructure, Security Architecture, and Application teams, the DevSecOps Lead standardizes tooling and practices globally to improve speed, stability, and security of releases while optimizing cost and reducing risk.

Responsibilities

  • Own the vulnerability remediation program across infrastructure (servers, endpoints, network, cloud, containers), driving SLA‑based closure of CVEs, configuration drift, and misconfigurations.
  • Lead penetration test finding remediation: triage issues, assign owners, track fixes to closure, validate compensating controls, and report status to Security leadership.
  • Drive End‑of‑Life (EOL/EOS) remediation for OS, middleware, databases, network devices, and toolchains; plan upgrades/migrations and enforce standards to eliminate unsupported tech.
  • Run a cross‑functional Security Operations cadence with Security, Infrastructure, and Application teams: prioritize risks, coordinate change windows, remove blockers, and publish weekly progress dashboards.
  • Maintain a risk‑based backlog of security defects (CVEs, pentest items, EOL tech, policy gaps), aligning remediation to business impact, asset criticality, and exploitability.
  • Operationalize scanning and detection: ensure continuous vulnerability scanning, cloud posture assessment, container image scanning, and config baselines are in place and healthy.
  • Integrate remediation into ITSM workflows (Incident/Problem/Change); define RFC packages, backout plans, test evidence, and ensure CAB approvals for security changes.
  • Partner with Cloud/Infra teams to enforce secure baselines (CIS, hardening guides), Zero Trust controls, network segmentation, and identity‑aware access for privileged operations.
  • Establish and track remediation SLAs, MTTR, risk burn‑down, and coverage metrics; escalate non‑compliance and drive executive visibility on risk posture.
  • Coordinate patch management motion: monthly cycles, emergency out‑of‑band patches, and validation/telemetry for success rates; reduce maintenance window impact.
  • Ensure asset/CMDB accuracy and criticality tagging to improve scan coverage, prioritization, and reporting fidelity.
  • Embed security into pipelines where applicable (e.g., infra as code scanning, container/Docker/K8s policy checks) and enforce SBOM usage for infrastructure artifacts.
  • Produce clear reporting for leadership: trends, blocked items, high‑risk assets, EOL exposure, pentest closure rates, and upcoming change plans.
  • Drive automation‑first remediation (PowerShell/Python/Ansible/Terraform modules), at‑scale config enforcement, and auto‑ticketing/auto‑patching where feasible.
  • Collaborate with SOC/Detection teams to validate exploit attempts, correlate findings with vulnerabilities, and prioritize urgent remediations.
  • Lead readiness exercises (tabletops, DR/BCP touchpoints) for security changes with high blast radius; ensure rollback, validation, and communications plans.
  • Coach infra/app teams on secure operations practices, EOL planning, and remediation playb

Benefits

  • Health insurance
  • Vision insurance
