Skip to main content
Posted 06 July, 2026

AVP - DevSecOps Lead Security Engineer

ExlService Holdings, Inc.
Noida, Uttar Pradesh, India Full Time
Reference: 218_689623_16708

Strategy & Leadership
  • Define and own the DevSecOps and AI Security strategy, roadmap, and operating model aligned to business and regulatory needs.
  • Act as a senior advisor to engineering, platform, AI, and product leaders on secure architecture and risk trade-offs.
  • Build and scale high-performing DevSecOps and AppSec teams; mentor other team members.
  • Represent security in executive forums, client discussions, audits, and risk reviews.
DevSecOps & Platform Security
  • Lead security integration across CI/CD pipelines using Jenkins, GitHub/GitHub Actions, and similar tooling.
  • Establish enterprise standards for:
    • Secure build pipelines
    • Secrets management
    • IaC security (Terraform / CloudFormation)
    • Dependency and supply-chain security
  • Drive adoption of automated security controls: SAST, DAST, SCA, API security, container scanning.
Application Security
  • Oversee application security programs including threat modeling, secure design reviews, and vulnerability management.
  • Monitor and improve the daily operations and BAU activities.
AI / GenAI Security
  • Establish guardrails for AI/GenAI solutions, including LLM-based apps, RAG pipelines, and agentic workflows.
  • Assess and mitigate risks such as prompt injection, data leakage, insecure integrations, model abuse, and third-party AI risk.
  • Embed AI security controls into DevSecOps/MLOps pipelines (MLSecOps).
Governance, Risk & Compliance
  • Translate regulatory and client security requirements into practical engineering controls.
  • Own security metrics, risk reporting, control evidence, and audit readiness.

Ensure alignment with frameworks such as NIST, ISO 27001, SOC 2, OWASP (including LLM Top 10), and emerging AI standards.

  • Bachelor's/master's degree in engineering, Computer Science, or related field.
  • 10-14+ years in cyber security, DevSecOps, cloud security, or application security roles.
  • Certifications such as CISSP, CCSP, CISM, or cloud security certifications are a plus.

Sign up for Job Alerts