Posted 06 July, 2026
AVP - DevSecOps Lead Security Engineer
ExlService Holdings, Inc.
Noida, Uttar Pradesh, India
Full Time
Reference: 218_689623_16708
Strategy & Leadership
- Define and own the DevSecOps and AI Security strategy, roadmap, and operating model aligned to business and regulatory needs.
- Act as a senior advisor to engineering, platform, AI, and product leaders on secure architecture and risk trade-offs.
- Build and scale high-performing DevSecOps and AppSec teams; mentor other team members.
- Represent security in executive forums, client discussions, audits, and risk reviews.
- Lead security integration across CI/CD pipelines using Jenkins, GitHub/GitHub Actions, and similar tooling.
-
Establish enterprise standards for:
- Secure build pipelines
- Secrets management
- IaC security (Terraform / CloudFormation)
- Dependency and supply-chain security
- Drive adoption of automated security controls: SAST, DAST, SCA, API security, container scanning.
- Oversee application security programs including threat modeling, secure design reviews, and vulnerability management.
- Monitor and improve the daily operations and BAU activities.
- Establish guardrails for AI/GenAI solutions, including LLM-based apps, RAG pipelines, and agentic workflows.
- Assess and mitigate risks such as prompt injection, data leakage, insecure integrations, model abuse, and third-party AI risk.
- Embed AI security controls into DevSecOps/MLOps pipelines (MLSecOps).
- Translate regulatory and client security requirements into practical engineering controls.
- Own security metrics, risk reporting, control evidence, and audit readiness.
Ensure alignment with frameworks such as NIST, ISO 27001, SOC 2, OWASP (including LLM Top 10), and emerging AI standards.
- Bachelor's/master's degree in engineering, Computer Science, or related field.
- 10-14+ years in cyber security, DevSecOps, cloud security, or application security roles.
- Certifications such as CISSP, CCSP, CISM, or cloud security certifications are a plus.