DevSecOps Lead

Responsibilities

• Ensure security is embedded into CI/CD pipelines by delivering scalable, automated tooling and integrated security checks ( SAST , DAST , SCA , secret scanning);
• Enable secure-by-default development by designing and implementing automated, policy-driven security review workflows;
• Establish robust security guardrails within AI-assisted development and agent workflows to reduce risk while maintaining developer velocity;
• Reduce risk exposure by proactively identifying, assessing, and driving remediation of application security vulnerabilities;
• Strengthen application security posture by leading threat modeling and security assessments for new features and architectural changes;
• Improve detection and response capabilities through the development of automation, tooling, and streamlined vulnerability management processes;
• Elevate cloud and application security by partnering with Infrastructure SecOps to harden Azure environments and deployment practices;
• Enhance external security feedback loops by contributing to and scaling the bug bounty program and vulnerability intake processes.
• A typical week?
• Writing code for security tooling, CI/CD configurations, and automated review workflows;
• Designing and refining policy-based security checks in pipelines;
• Building and improving guardrails for AI-assisted development and agent workflows;
• Participating in architecture and design discussions with engineering teams;
• Collaborating with Infrastructure SecOps on shared security initiatives;
• Triaging and prioritizing security alerts and vulnerabilities;
• Sharing knowledge through pairing, code reviews, and informal coaching.
• What does your future team look like?
• You will join the AI- SDLC team, responsible for building the internal platform that enables AI agents to operate across the Workleap and ShareGate development lifecycle. This includes developing agent pipelines, safety mechanisms, and developer-facing tooling.
• You will work closely with Infrastructure SecOps and partner with multiple product teams across the organization. This is a highly collaborative environment where your impact comes from building scalable solutions and making secure development the default for everyone.
• What are the next challenges awaiting your team?
• Scaling automated security practices across a growing portfolio of SaaS products;
• Deepening security integration within GitHub Actions and CI/CD pipelines;
• Ensuring security guardrails evolve alongside AI-assisted and agentic development workflows;
• Strengthening secure-by-default practices and developer security awareness across teams.

Requirements

• 8+ years of experience in application security, DevSecOps, or security-focused software development;
• Strong software engineering background combined with deep security expertise;
• Deep understanding of web application security principles, OWASP Top 10, and CWE Top 25;
• Hands-on experience performing secure code reviews in C#;
• Experience building and maintaining security automation in CI/CD pipelines (GitHub Actions preferred);
• Solid understanding of Azure cloud services, infrastructure security, and deployment patterns;
• Experience integrating SAST , DAST , SCA , and secret scanning tools into development workflows;
• Pro

Additional Information

ShareGate is the leading Microsoft 365 migration and governance platform, trusted by over 100,000 IT pros for its unmatched simplicity. It offers the simplest, most reliable, and most affordable way to move business data to Microsoft 365. Whether migrating from Google Workspace, file shares, Exchange Online, SharePoint On-Premises, or tenant-to-tenant, ShareGate gets the job done, without surprises. From cloud transformation to M&A integration, it keeps things just damn simple. ShareGate also helps organizations stay in control once their data is migrated. Its powerful governance features let users assess environments, uncover issues, and apply fixes on the spot, so everything stays clean, secure, and optimized. It lays the groundwork for safe Microsoft Copilot deployment within organizations. ShareGate is developed by Workleap Technologies, a Montréal‑based software company. Job Description So, what will your new role look like? As a DevSecOps Lead, you will be an operational individual contributor responsible for embedding security directly into our products, pipelines, and development workflows - with a focus on CI/CD, C#/.NET applications, Azure, and AI-driven software delivery. This is a deeply technical role where you will write code, build tooling, and work closely with developers to ensure security is a natural part of how we build and ship software. You will join the AI- SDLC team, which builds internal platforms and tooling that enable AI agents to operate across the development lifecycle. Your mission will be to ensure that security is integrated from the ground up across these tools, pipelines, and agentic workflows-enabling secure-by-default product development at scale.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at sharegateen? Share your experience