About TresVista & Descrial
TresVista is a global platform providing sophisticated solutions to clients combining domain expertise, technology, and human capital. Our unique model allows clients to achieve excellence through embracing best in class AI and human capital with an offshore resource model.
Descrial, the dedicated technology product unit, is at the forefront of innovation leveraging AI and intelligent automation to build workflow-native solutions. Our approach goes beyond traditional product development, integrating design research, data engineering, and applied AI to build solutions that are scalable, evidence-based, and user-centric. For experienced product leaders and technologists. Descrial offers the opportunity to define next-generation tools that transform how investment professionals interact with data and make decisions.
Descrial is focused on building solutions delivering smarter and faster ways to conduct diligence, analysis, and make investment decisions.
Role Overview
Lead the organization's DevSecOps strategy by architecting secure CI/CD frameworks, implementing cloud security controls, and driving automation at scale. Manage a team, enforce security standards, oversee compliance, and integrate advanced security tooling while collaborating across teams to ensure robust, enterprise-grade security posture.
Key Role Deliverables:
- Architect and lead the implementation of secure, scalable CI/CD pipelines and DevSecOps frameworks
- Define and own DevSecOps strategy and roadmap aligned with business and risk objectives
- Drive security automation across the SDLC: SAST, SCA, DAST, IaC scanning, SBOM, secrets scanning, container security, and runtime protection
- Lead threat modeling, architecture risk assessments, and secure design reviews
- Own Kubernetes and cloud platform strategy across AWS/Azure/GCP
- Oversee Infrastructure as Code using Terraform, CloudFormation, ARM/Bicep
- Establish organization-wide security guardrails, governance, and best practices
- Implement and maintain monitoring & logging using Prometheus, Grafana, Loki, ELK
- Define IAM, access governance, RBAC, and Zero-Trust policies across platforms
- Drive production security posture, incident readiness, vulnerability remediation, and RCA
- Mentor DevOps and security engineers, lead cross-functional collaboration, and influence technical decisions
- Optimize operational performance, reliability, and security posture across environments
- Define security KPIs/metrics, dashboards, and executive reporting
- Support compliance, audit readiness, regulatory requirements, and risk functions
Skills & Experience:
- 812+ years in DevOps/SRE/Cloud roles, with 4+ years in DevSecOps
- Deep experience with CI/CD tools (Jenkins/GitHub Actions/Azure DevOps/GitLab)
- Strong hands-on expertise in Kubernetes, Docker, Helm, Nginx, and cloud security controls
- Advanced scripting (Python, Bash, PowerShell)
- Strong background in secure architecture and distributed systems security
- Expertise in IAM, Identity Governance, RBAC, and Zero-Trust implementations
- Experience with platform engineering / Internal Developer Platforms (IDPs) is highly desirable
- Familiarity with supply chain security, runtime protection, and secret management (Vault/ASM/KeyVault)
- Proven leadership ability to drive platform transformation and mentor teams
- Experience supporting audits and working with risk/compliance teams
Education & Certification
- Bachelor's or Master's in CS/IT/Engineering (or equivalent)
- Highly Preferred Certifications: CKS, CKA, AWS/Azure/GCP Security, CISSP/CCSP
Compensation:
The compensation structure will be as per industry standards
