ROLE SUMMARY
The DevSecOps Architect is responsible for establishing secure-by-default delivery pipelines, infrastructure-as-code discipline, and compliance-aligned release practices for the SoapBox platform.
This role defines the system of delivery, not just tooling.
ENGAGEMENT MODEL
- 1–2 days per week during MVP-1
- Advisory + hands-on setup
- Ownership of initial frameworks, not daily operations
KEY RESPONSIBILITIES
Pipeline Architecture
- Design CI/CD pipelines for APEX, PL/SQL, and OCI infrastructure
- Define promotion strategies across environments
- Implement quality and security gates
Infrastructure as Code
- Define IaC standards for OCI using Terraform or equivalent
- Ensure environment reproducibility and drift control
- Establish secure secrets management
Security Integration
- Embed SAST/DAST where applicable
- Define vulnerability scanning and remediation workflows
- Ensure secure artifact management
REQUIRED QUALIFICATIONS
- 10+ years in DevOps / DevSecOps
- Strong OCI experience
- Experience supporting regulated systems
- Proven ability to design delivery systems from scratch
ASSESSMENT PARAMETERS
- Security-first mindset
- Balance of pragmatism and rigor
- Clarity of delivery architecture
- Experience under audit conditions
