YPO
DevSecOps Engineer (Cloud Security — AI-First Platform & Secure-by-Design Architecture)
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About YPO
YPO (Young Presidents' Organization) is a global leadership community for chief executives, founded in 1950. With over 36,000 members across more than 142 countries, YPO focuses on peer-to-peer learning, idea exchange, and personal development to cultivate better leaders. The organization began in Rochester, New York, when Ray Hickok gathered young presidents for their first meeting, emphasizing education and confidential peer exchange. YPO's mission is to unite chief executives in a supportive environment that encourages continuous learning and growth. Members participate in small-group forums to discuss business and personal challenges, attend educational programs in collaboration with prestigious institutions, and engage in networking and volunteering activities. The community fosters a diverse and inclusive space for leaders from various backgrounds, providing a "safe harbor"for unbiased feedback and support. Through initiatives like the YPO Global Pulse survey, members gain insights into economic trends, enhancing their leadership capabilities.
Security at YPO
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Stated AppSec Mission: "Security is foundational to this transformation".
- Developer Enablement vs. Gatekeeping: "ensures secure-by-design principles are embedded across YPO's global platforms".
- Risk Philosophy: "YPO made the conscious decision to proactively implement security measures".
- Stated Pain Points or Goals: "CISOs and security leaders grappling with inadequate budgets, struggling with regulatory fragmentation".
- Gaps & Contradictions: No public, dedicated "Application Security" team page describing formal SLAs for remediation was found.
Security Team
Org Structure & Reporting Line: Information not publicly available. Key Public-Facing Leaders: Gavin Rimmington (IT Director) and David O'Brien (Director of IT Operations). Team Size Estimate: Information not publicly available. Active AppSec Job Postings: 1 posting. Common Skill/Tool Patterns: The DevSecOps Engineer integrates security and compliance into the software development lifecycle, CI/CD pipelines, application workflows. Gaps & Contradictions: No public, explicit AppSec organizational chart or a named CISO was found on the public leadership page.
Key Initiatives
- Security Champions Program: No Evidence Found. "Shift Left" in Practice: "integrates security and compliance into the software development lifecycle, CI/CD pipelines, application workflows".
- Vulnerability Management Process - Intake: "coordinating pen tests, and integrating SAST/DAST/SCA into pipelines".
- Vulnerability Management Process - Triage/Remediation: "owning the vulnerability management lifecycle".
- Secure SDLC Artifacts: "companies embedded security by design throughout the business".
- Recent Initiatives (Last 6 Months): "AI-First Platform & Secure-by-Design Architecture".
- Gaps & Contradictions: No evidence of a formal Security Champions program or published secure SDLC documentation was found on public sites.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.