DevSecOps is everywhere right now, but most teams are still treating it like a tooling problem. Damien Burks says it’s actually a culture problem. He’s a DevSecOps expert and the founder of the DevSec Blueprint, a free, open-source learning guide with a 650+ member community. His mission: help people break into DevSecOps by focusing on foundations and systems thinking, not expensive bootcamps.
In this episode, Damien explains why DevSecOps engineers are “the glue”, the people connecting developers, operations, legal, and compliance into a single security-minded team. He walks through the patterns that repeat across every cloud platform, why the first thing you should automate is your CI/CD pipeline, and how to think about LLM risks (hallucinations, data residency, prompt injection) when you’re working in regulated environments. He also shares the story of a woman in Africa who used the DevSec Blueprint to land her first internship, proof that accessible education works.
The bottom line: security isn’t something you bolt on at the end. It’s a shared responsibility. And the sooner your team internalizes that, the faster (and safer) you’ll ship.
Topics Covered
Why DevSecOps is a cultural movement, not a job title
DevSecOps engineers are “the glue”: connecting developers, operations, legal, and compliance
The DevSec Blueprint: an open-source learning guide for breaking into DevSecOps
Systems thinking over tool-chasing: recognizing patterns that work across platforms
Why soft skills and communication matter as much as technical chops
The #1 thing to automate this year: your CI/CD pipeline with security gates
Build, test, scan, deploy: the repeatable pattern inside every secure pipeline
LLM risks in regulated environments: hallucinations, data residency, and prompt injection
Air-gapped AI as a strategy for heavily regulated industries
Why prompt injection is still an unsolved problem and what that means for DevSecOps
The DevSecOps Home Lab: buying two machines from a pawn shop and learning by doing
One mindset shift: “Security is a shared responsibility”
About Damien Burks
Damien Burks is a DevSecOps leader, security engineer, educator, and the founder of the DevSec Blueprint, a free, open-source learning guide that helps people transition into DevSecOps and cloud security development. With a background in software development and experience working in heavily regulated environments, Damien focuses on making security education accessible, practical, and community-driven. His Discord community has grown to over 650 members who actively contribute projects and capstone exercises. Damien also creates content on YouTube covering cloud security, DevSecOps, and the tech career landscape. His philosophy: less tools, more foundations, and always lead with the mindset that security is a shared responsibility.
Connect with our guest Damien Burks: LinkedIn
Check out The DevSec Blueprint: https://devsecblueprint.com
