DevSecOps Advisor / GRC Architect

Vaco
$160,000.00 - $200,000.00 / yr
401(k), retirement plan
United States, Tennessee, Memphis
Aug 08, 2025
Vaco is actively seeking a DevSecOps Advisor / GRC Architect to support our client's continued growth by ensuring a well-defined IT security and compliance posture. This is a unique direct-hire opportunity to join a stable and growing global manufacturing organization that is a respected leader in their field. Position Summary DevSecOps Advisor / Compliance Architect is responsible for guiding enterprise-wide IT security and compliance integration across a global SAP and SDLC environment. This strategic role bridges software development, ERP customization, application security, and operations with a strong focus on GRC, NIST, SOX, and secure SDLC practices. The ideal candidate brings both technical acumen and governance expertise; acting as a liaison between technical development teams, security, audit, and business stakeholders. This is a hands-on advisory role, with a strong emphasis on architecting visibility, automating compliance, and enabling proactive reporting through dashboarding and integrated controls. Key Responsibilities: Serve as a DevSecOps SME and strategic advisor across enterprise ERP / custom development landscapes. Develop and implement security and compliance guardrails within CI/CD pipelines and development workflows. Champion OWASP best practices (e.g., Top 10, ASVS, SAMM) in application design, development, and code review processes. Translate and convey regulatory frameworks (NIST, SOX, GDPR, etc.) into actionable technical standards and procedural controls. Build and maintain compliance dashboards, real-time risk visibility tools, and automated reporting for business stakeholders, developers, and internal / external auditors. Integrate and automate security scanning, policy enforcement, and change management processes into DevOps toolchains. Guide teams through secure SDLC principles, threat modeling, and risk assessment for new and legacy environments. Support internal/external audit cycles and stakeholder interactions to provide evidence of control effectiveness. Champion a culture of compliance by strategic design and continuous improvement across a global enterprise. Technical Skills & Knowledge: Minimum of 5 years of dedicated experience in DevSecOps, AppSec, Security Architecture, or GRC-adjacent roles. Strong working knowledge of security/GRC development, custom app development, and CI/CD pipelines. Deep familiarity with NIST 800-53, SOX, OWASP Top 10, and secure SDLC frameworks. Proven experience designing or deploying automated compliance and monitoring dashboards (e.g., Splunk, Power BI, SAP GRC, or custom solutions) Hands-on experience with DevSecOps tooling: GitLab CI, Azure DevOps, Jenkins, Checkmarx, Snyk, HashiCorp Vault, etc. Background in manufacturing or similar is preferred. Familiarity with SAP S/4HANA, SAP Cloud, and modern ERP security architectures is a plus. Training / Certifications: CISSP, CISA, CRISC, SAP Security, or OWASP based training is desired. Additional Details: Employment Type: Direct-Hire / Perm Start Date: Immediate Location: Remote Primary Cadence: CST business hours / Monday - Friday Travel: Limited Target Compensation: $150k - $165k plus Bonus Engagement Status: No form of sponsorship or employment arrangements are being considered at this time. Interested Candidates are Encouraged to Apply for Immediate Consideration! Determining compensation for this role (and others) at Vaco/Highspring depends upon a wide array of factors including but not limited to the individual's skill sets, experience and training, licensure and certifications, office location and other geographic considerations, as well as other business and organizational needs. With that said, as required by local law in geographies that require salary range disclosure, Vaco/Highspring notes the salary range for the role is noted in this job posting. The individual may also be eligible for discretionary bonuses, and can participate in medical, dental, and vision benefits as well as the company's 401(k) retirement plan. Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. EEO Notice Vaco by Highspring is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law. Vaco by Highspring and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco by Highspring and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact HR@vaco.com . Vaco by Highspring also wants all applicants to know their rights that workplace discrimination is illegal. By submitting to this position, you agree that you will be giving Vaco by Highspring the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco by Highspring about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco by Highspring agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal. Privacy Notice Vaco by Highspring and its parents, affiliates, and subsidiaries ("we," "our," or "Vaco by Highspring") respects your privacy and are committed to providing transparent notice of our policies. California residents may access Vaco by Highspring HR Notice at Collection for California Applicants and Employees here. Virginia residents may access our state specific policies here. Residents of all other states may access our policies here. Canadian residents may access our policies in English here and in French here. Residents of countries governed by GDPR may access our policies here. Pay Transparency Notice Determining compensation for this role (and others) at Vaco by Highspring depends upon a wide array of factors including but not limited to: the individual's skill sets, experience and training; licensure and certification requirements; office location and other geographic considerations; other business and organizational needs. With that said, as required by local law, Vaco by Highspring believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.