Job Specifications
Are you interested in working with the world’s leading AI-powered Quality Engineering Company? Ready to advance your career, team up with global thought leaders across industries and make a difference every day? Join us at Qualitest!
We are looking for a DevSecOps Release Manager to join our growing team in the United States.
Location: Remote - Travel to Maryland when required
Must Haves
End-to-end release ownership across applications, ensuring timelines, dependencies, and risks are tightly managed.
Hands-on CI/CD engineering expertise, including building, maintaining, and troubleshooting pipelines.
Strong DevSecOps discipline with integrated security controls and solid change/incident management.
Job Description
Integration planning with other apps.
Release Planning & Governance
Own the maintenance of end-to-end release calendar, milestones, and scope across applications/services and environments (dev/test/stage/prod).
Facilitate release planning ceremonies: scope reviews, go/no-go, readiness checkpoints, cutover rehearsals, and PIRs (post-implementation reviews).
Coordinate with Modern Sales and Shared Services teams to align release content, dependencies, and windows.
Ensure adherence to the Management Model SOPs for change, risk, approvals, and documentation.
Change, Incident, & Ticket Management
Own all release-related tickets and workflows in the designated system (e.g., Change Requests, Release Records, CAB submissions, approvals).
Ensure tickets meet SOP criteria: correct metadata, risk ratings, rollback/contingency plans, test evidence, and stakeholder sign-offs.
Serve as the first escalation point for release incidents; manage war rooms, communications, and coordinated recovery.
Perform root-cause analysis (RCA) and track corrective/preventive actions (CAPA) to closure.
Technical Execution & CI/CD Ownership
Build, operate, and troubleshoot CI/CD pipelines (e.g., YAML pipelines, build agents, artifact/versioning strategy, approvals, gate policies).
Execute release activities hands-on: tagging, packaging, artifact promotion, parameterization, configuration, and deployment orchestrations.
Maintain pipeline-as-code standards, templates, and reusable components for consistency and scale.
Optimize build/test stages (parallelization, caching, selective test runs) to improve lead time and reliability.
DevSecOps & Security-by-Design
Integrate security controls into the pipeline (SAST, SCA, secret scanning, container/image scanning, SBOM generation).
Enforce policy gates for quality and security thresholds (coverage, critical findings, license violations) prior to promotion.
Partner with Security and Compliance to implement vulnerability triage workflows, risk exceptions, and remediation SLAs.
Ensure approved artifacts/process steps, provenance/attestations, and secure supply-chain practices (e.g., least-privileged credentials, key rotation).
Automation & Partnership with Enterprise DevOps
Collaborate with the Enterprise DevOps team to automate release and build processes end-to-end (infrastructure, pipelines, testing, deployments).
Contribute to and adopt enterprise standards (tooling, runners/agents, templates, guardrails, observability).
Drive “shift-left” automation: automated environment provisioning, config-as-code, test data seeding, and blue/green/canary strategies.
Champion infrastructure-as-code (IaC) practices for environment consistency and repeatability (e.g., Terraform/Bicep/ARM/Ansible).
Quality & Testing Integration
Ensure test strategy coverage per release: unit, integration, API, performance, security, and UAT.
Enforce quality gates in pipelines (test pass rates, defect leakage thresholds, performance baselines).
Coordinate test data management and environment readiness; prevent “test flakiness” via stabilization efforts and quarantines.
Ensure IT Testing is attached for each User Story; this includes following up proactively throughout the release for testing evidence as stories are sent for PR review.
Environment & Configuration Management
Manage environments (Production is primary, but the role also carries responsibilities on lower environments), including sequencing, freeze windows, and promotion paths (dev → test → staging → prod).
Oversee configuration and secrets management aligned with enterprise standards.
Observability & Operational Readiness
Validate monitoring, logging, and alerting are in place pre-release (dashboards, SLOs/SLIs, runbooks).
Conduct release health checks, smoke tests, and progressive rollouts with automated rollback criteria.
Maintain up-to-date runbooks, playbooks, and support handoffs for on-call readiness.
Documentation & Compliance
Maintain a single source of truth for release notes, change logs, deployment instructions, and rollback plans.
Ensure audit-ready records: approvals, evidence, control adherence, and traceability from commit → build → artifact → release.
Keep SOPs current; propose improvements based on ret