DevSecOps Manager at Paylocity
Don't just land a job. Launch your future.
Our all-in-one software platform gives HR pros a way to easily manage daily tasks in payroll, benefits, talent, and workforce management.
But what makes us different is that our technology is backed by a culture that cares. We care about our team members, clients, and partners - because people matter most. And people have always been at the heart of our business.
Since our founding in 1997, this is the thing that's stayed the same, from our employees to the millions of users nationwide that access our platform. We pride ourselves on partnering with our clients to build the workplace they and their employees crave.
Let's go forward together.
The DevSecOps Manager is a key member of the Information Security leadership team at Paylocity. He or she is accountable for the ensuring that the DevSecOps team delivers on its mission of ensuring that Paylocity's applications are architected and built in a manner that adequately safeguards the confidentiality, integrity, and availability of client information. The DevSecOps Manager may be called upon to serve as the acting leader of Application Security from time to time when the Application Security Senior Manager is absent.
Reports To: Sr. Manager, Application Security
The primary responsibilities of the position follow. Other duties may be assigned as needed.
- Manages major application security projects and initiatives to their successful conclusion, on time and at or under budget
- Manages the schedule and expectations of internal partners for application security service delivery, ensuring that work is evenly distributed and timely
- Keeps the DevSecOps team's expenses in line with the overall Information Security department's budget
- Ensures that metrics and key performance indicators (KPIs) for application security service delivery are created and maintained
- Uses influence and persuasion to get those outside of his or her direct control to take actions that benefit Paylocity's overall security posture
- Exhibits thought leadership in the application security space, e.g., through speaking engagements, authorship, etc.
- Addresses minor application security related issues / problems in a timely manner to stop them from becoming major issues / problems
- Continuously works to improve the quality, efficiency, and consistency of application security service delivery
- Works towards embedding application security considerations and processes into Paylocity's software development lifecycle
- Manages the relationships between Paylocity and its application security vendors, e.g., application security tool suppliers such as Static and Dynamic Testing tool providers etc.
- Partners well with other teams within the Information Security department and their managers to seamlessly deliver services or projects jointly
- Utilizes a risk-based approach to prioritize the efforts of the DevSecOps team
- Maximizes the utilization of limited resources and leverages automation to increase capacity where feasible
- Aligns application security goals and objectives with higher level Information Security department and organizational goals and objectives
- Stays on top of changes in Paylocity's applications and technical architecture to identify changes in areas of excessive risk and to assist with resource allocation
- Regularly communicates the current status of service delivery, projects, initiatives, morale, etc. to the AppSec Senior Manager and other stakeholders, as necessary
- Finds ways to scale up application security service delivery by embedding security tasks within roles outside of the DevSecOps team, e.g., Software Engineers, QA professionals
- Ensures that all Paylocity applications are regularly scanned for security related bugs or design flaws
- Ensures that all Paylocity Product Development personnel are trained on secure design and coding techniques
- 5-7 years' experience within an application security
- Previous people management experience
- Bachelor's degree with a preference for computer science, information security, management information systems, or similar major
- Master's degree (MBA or MS) is preferred, but not required
- Experience with application security tools such as static application security testing (SAST) software, dynamic application security testing (DAST) software, web application firewalls (WAF), open-source security testing tools (SCA), etc.
- Familiarity with application security standards and advocacy groups such as OWASP and BSIMM is required
- Knowledge of agile development frameworks and DevOps
- Able to deal with challenging and stressful situations
- Project management & presentation delivery skills
- Effective communication skills (written and verbal)
- Budget management experience preferred
- Service management / delivery knowledge preferred
- Knowledge of process design and improvement methods preferred
- Experience in a payroll, technology, or software company preferred
Our journey forward.
Paylocity strives to create an organizational culture where every employee has a voice, feels truly welcome, appreciated, and free to be themselves, and is empowered and enabled to do their best work. A strong commitment to diversity, equity, and inclusion is critical to creating such a culture.
We've made great strides to support diversity, equity, and inclusion. That being said, we realize there's still room for improvement. Our current focus is on the following initiatives:
- Education & Awareness
- Client Community
- Company Representation
- Advocacy & Support
- Fairness & Equality
- PCTY Gives
This job description has been written to provide an accurate reflection of the current job and to include the general nature of work performed. It is not designed to contain a comprehensive detailed inventory of all duties, responsibilities, and qualifications required of the employees assigned to the job. Management reserves the right to revise the job or require that other or different tasks be performed when circumstances change.
This role can be performed from any office in the US. The pay range for this position in Colorado is $134,200 - $201,000 /yr; however, base pay offered may vary depending on job-related knowledge, skills, and experience. This position is eligible for an annual bonus and restricted stock unit grant based on individual performance in addition to a full range of benefits outlined here. This information is provided per the Colorado Equal Pay for Equal Work Act. Base pay information is based on market location. Applicants should apply via www.paylocity.com/careers.