DEVSECOPS LEAD

Be #InGoodHands with Metrobank

Here at Metrobank, we don't simply hire employees—we hone future leaders. We provide opportunities that enhance your skills and unlock your talents, helping you evolve into a well-rounded individual. We supply you with all the pieces you need to do your best work, unleashing your full potential to help you secure your future and lead a fulfilling career. And with Metrobank's strong heart for the community, you have the chance to give back and make worthwhile contributions to our nation's economic and social development. With Metrobank, a meaningful life is within your reach!

Position Title: DEVSECOPS LEAD

Job Summary:

The DevSecOps Lead leads the strategy, execution, and cultural shift required to embed modern DevSecOps practices across the enterprise. This role will lead the enablement of secure, stable and automated software delivery practices across the core IT organization, while actively collaborating with Information Security, Core Banking, Digital Banking and other key IT enablers of the bank who operate outside of Information Technology Group (ITG). 

Duties and Responsibilities:

· Lead the DevSecOps roadmap and promote agile, secure, and automated delivery across the enterprise

· Drive collaboration and change across software development, infrastructure and information security to support IT modernization

· Modernize the software delivery pipeline using Continuous Improvement/Continuous Deployment (CI/CD), Infrastructure as Code (IaC), and automated quality/security gates.

· Redesign release management and environment provisioning processes to reduce bottlenecks and manual handoffs.

· Advance “shift-left” security by embedding security controls early into the software development lifecycle, including static and dynamic code analysis, open-source risk management, and vulnerability detection into early stages of development.

· Lead the definition of IT environment strategy and lifecycle management covering non-production, production and disaster recovery systems. 

· Set-up and monitor governance metrics to track adoption of secure development practices and ensure alignment with enterprise risk and compliance goals. 

· Mentor teams on reliability engineering, automated testing, code quality, and incident management

· Drive continuous improvement of the DevSecOps practice by staying current with emerging technologies, evolving security regulations, industry best practices and ensuring these are integrated into delivery pipelines and team capabilities

· Support IT initiatives that affect delivery pipelines by ensuring alignment to DevSecOps practices, automation standards and security requirements.

Qualifications:

·  More than 5 years experience

·  At least 2 years of Security experience (Application Security and Infrastructure Security)

·  Strong experience in system environment maintenance and strategic planning

·  Knowledge in Continuous Integration and Continuous Deployment (CI/CD)

·  Experience with Infrastructure as Code (IaC)

·  Proficient in Automated Testing

·  Familiar with Shift‑Left Security practices (static and dynamic code analysis, open‑source risk management)

Other Details:

Rank: Junior Officer – Senior Officer

Unit: Information Technology Group

Office Location: Metrobank Center, BGC