Lead, Dev SecOps (Charlotte, NC/Stamford, CT)

Great company. Great people. Great opportunities.

If you’d like the chance to make your mark with the world’s largest equipment rental provider, come build your future with United Rentals!

As a Lead, Dev SecOps , you will own pipeline security, Cisco AI Defense operations, and code hardening practices across the development estate. You will partner with Engineering and Software Development to embed security into every stage of software delivery while operationalizing runtime AI protection for customer-facing LLM features. Oversee a virtual team comprised of dedicated Dev SecOps members and shared resources from other teams. Build a security champions network across development teams and serve as a technical advisor to the AI Governance Committee.

**This is a hybrid role in Charlotte, NC/Stamford, CT**

This is a technical leadership role that requires hands-on technical depth, cross-functional leadership, and the ability to build a program from the ground up.

What you’ll do:

Pipeline Security & Code Hardening

• Own the end-to-end application security pipeline: SAST, DAST, SCA, secrets detection, IaC scanning, and container scanning across the Enterprise code estate

• Define and enforce control gates

• Manage the pipeline gating philosophy

• Own the exception register, including time-bound exceptions with named compensating controls and expiry dates

• Drive migration of production code into Enterprise GitHub to enable uniform scanning, gating, and provenance tracking

• Partner with technical leaders on activity reviews, finding burn-down, gate friction, and release-level blockers

• Establish provenance tagging for AI-generated and third-party code so it passes the same gates as enterprise code

• Analyze modern and legacy programming languages

• Oversee DevSecOps tie-ins with suppliers performing development activity

AI Defense & Operations

• Operationalize Cisco AI Defense and Multi-Cloud Defense across the major public cloud providers

• Operate Cisco AI Defense across the four major capabilities: Model & App Validation (algorithmic red-teaming with gate evidence), Runtime Protection (prompt injection, jailbreak, data exfiltration filtering), Knowledge Security (data loss prevention and control), and Cloud & Asset Visibility (AI inventory across AWS/GCP/Azure/Oracle)

• Serve as a technical advisor to the AIGC, delivering validation reports, AI SBOMs, and risk inputs

• Define and enforce AI guardrails policy including data classification enforcement, prompt injection defense, output safety controls, and agent action/tool-use limits partnering with development and product teams

• Oversee the phased AI Defense deployment roadmap from foundation through full enforcement

• Oversee IAM and SSO integrations with both internally developed and SaaS tools

• Coordinate with SecOps on incident response and playbook development related to DevSecOps and AI security

• Consult on shadow AI discovery and employee AI tool usage

AI Defense & Operations

• Lead the DevSecOps Analyst, setting priorities, developing skills, and reviewing work quality

• Coordinate the engineering resources on pipeline engineering, tool administration, and cloud posture work

• Build and sustain a security champions network with champions in each development team, providing coaching, training, and support

• Deliver OWASP-aligned secure code training (Top 10, API Top 10, LLM Top 10, Code Hardening) and role-based / language-based deep dives for development teams

• Facilitate DevSecOps working sessions, leadership syncs, and executive reporting

• Publish program metrics regularly

• Partner with Sourcing to oversee supplier relationships tied to DevSecOps

Requirements:

• Bachelor’s degree in computer science, cybersecurity, software engineering, or comparable work experience

• 7+ years of experience in application security, DevSecOps, DevOps, or security engineering roles

• Proven track record of building or significantly maturing a pipeline security program (SAST, DAST, SCA, secrets, containers)

• Hands-on experience integrating security tools into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, or similar)

• Strong understanding of modern software development practices such as Git workflows, containerization, infrastructure as code, and cloud-native architectures

• Experience defining and enforcing security gates in a development pipeline without creating undue friction

• Demonstrated ability to lead cross-functional initiatives involving development, infrastructure, and security teams

• Experience mentoring junior security team members

• Strong written and verbal communication skills, including the ability to present technical findings and program status to executive audiences

• Advanced organizational skills, ability to successfully manage multiple tasks/incidents

• Experience with Snyk, Burp Suite, Aikido, or similar SAST/DAST/SCA platforms

• Familiarity with AI/ML security concepts: prompt injection, model validation, AI supply chain risk

• Experience with Cisco AI Defense or similar AI runtime protection platforms

• CISSP, CSSLP, GWEB, GWAPT, or comparable work experience

• Experience with OWASP frameworks (Top 10, API Top 10, ASVS, SAMM)

• Familiarity with scripting and automation (Python, PowerShell, Bash, or similar) for pipeline integration

• Experience operating in a partnership-first model with development teams rather than a gate-and-block approach

• Preferred: PHP, RPG, JavaScript experience

Why join us?

We don’t just “talk the talk!” We’re an award-winning company (recently named a Glassdoor Best Place to Work in 2026) that truly cares about our people - That’s why we offer best-in-class benefits and perks that will support you and your family. In addition to our health and financial plans, we also offer:

• Paid Parental Leave

• Employee Discount Program

• Career Development & Promotional Opportunities

• Additional Vacation Buy Up Program (US Only)

• Early Wage Access through Payactiv (US Hourly Only)

• Paid Sick Leave

• An inclusive and welcoming culture

Explore our comprehensive U.S. benefit offerings

For Canadian benefits, click here

United Rentals, Inc. is an Equal Opportunity Employer and makes employment decisions regardless of race, color, religion, sex, national origin, age, genetic information, citizenship status, veteran status, sexual orientation, gender identity, disability, or any other status protected by law. If you need a reasonable accommodation at any point of the application process, please email [email protected] for assistance.

At United Rentals, we proudly hire active duty members, veterans, reservists, and their families. The values that define your service—leadership, discipline, integrity, and teamwork—are the same values that drive our success. With many veterans already part of our team, we’re ready to help you transition into a rewarding career.

United Rentals consists of a wide variety of roles with different duties and responsibilities. The actual pay rate offered to candidates varies depending upon a wide range of factors including specific position, location, education, training, experience, skills, and ability.