Apply
DevSecOps Architect (CONTRACT)
Fully Remote Greater Boston, MA
Apply
Description

 

Spyglass MTG is seeking a senior, hands on DevSecOps Architect to serve as the primary delivery resource for a greenfield GitHub Enterprise Cloud rollout for a client modernization initiative. You’ll design the secure developer platform foundation, implement governance and security controls, migrate one pilot repository, enable secure CI/CD, and help teams adopt GitHub Advanced Security and GitHub Copilot with practical enablement. 

This role is ideal for someone who enjoys owning outcomes end-to-end—partnering with security and architecture stakeholders, setting standards, and leaving behind strong documentation and a clear handover for the client team. 


What You’ll Do (Key Responsibilities) 


Platform Architecture & Governance 

  • Stand up a greenfield GitHub Enterprise Cloud environment and define scalable org/team/repo governance 
  • Establish practical standards (repo setup, branching, PR controls, lifecycle management) that support secure innersource collaboration.  

Identity, Access & Auditability 

  • Integrate with Azure Entra for SSO and enforce enterprise authentication and least privilege RBAC models. 
  • Implement enterprise policies and audit logging/monitoring patterns to support oversight and compliance.  

CI/CD Enablement 

  • Reconnect or build a development + production pipeline aligned with secure SDLC practices and platform guardrails.  

Repository Migration (Pilot) 

  • Plan and execute migration of one selected repository into GitHub Enterprise Cloud and validate integrity, permissions, and pipeline functionality.  

Security & Developer Enablement 

  • Enable GitHub Advanced Security (GHAS) (code scanning, secret scanning, dependency review/policies) and define basic governance/triage expectations.  
  • Enable GitHub Copilot and deliver a structured remote Copilot Hackathon experience for a small developer group.  

Documentation & Handover 

  • Produce clear architecture/governance documentation and lead knowledge transfer so the client can operate the platform post engagement.  

Required Qualifications 

  • Senior experience implementing enterprise DevSecOps platforms and secure SDLC practices.  
  • Handson administration/governance experience with GitHub Enterprise Cloud, including org/repo/team design and policy controls 
  • Experience implementing GitHub Advanced Security (GHAS) and operationalizing scanning/alerts in real teams.  
  • Strong CI/CD background (GitHub Actions and/or external CI tools), with ability to design secure build and deployment workflows.  
  • Experience migrating repositories from legacy systems (e.g., Azure DevOps) into GitHub Enterprise Cloud. 

Nice to Have 

  • GitHub Exams such as GH-100 or GH-300,  
  • Proven ability to lead technical workshops with security/architecture stakeholders and create high-quality documentation.  
  • Familiarity with developer enablement approaches (hackathons, practical labs, adoption guides) for tools like GitHub Copilot.  
  • Understanding of governance considerations for AI adjacent initiatives and data/security collaboration.  

Why This Role 

  • High impact platform buildout: establish the foundation for secure software delivery and modernization.  
  • Strong stakeholder visibility: work directly with security and architecture teams to set standards and guardrails.  
  • Clear, outcome based scope: platform + one pilot migration + enablement + handover deliverables.  
Apply
View All Jobs