Lead DevSecOps Engineer

Digital Health Technology team powers digital experiences and engagement to enhance the lives of millions of people every day through connected care.

We build, deliver and manage a portfolio of data management platforms and mobile offerings in support of our core businesses.

We thrive on simple and elegant architecture and agility. You’ll be immersed in a dynamic high-growth environment and empowered to excel, take informed risks, and drive ingenuity across the enterprise.

About this Job The DevSecOps Engineer is pivotal in weaving security practices seamlessly into our DevOps processes, focusing on the design, implementation, and maintenance of secure, streamlined CI / CD pipelines.

This role demands collaboration with software developers, system operators, and IT staff to orchestrate secure code releases and deployments.

The ideal candidate embodies a fusion of DevOps expertise, robust security principles, and a vigilant, proactive stance on identifying and neutralizing potential vulnerabilities.

In this role, you will be responsible for,

• Develop, implement, and maintain a secure, efficient continuous integration and continuous deployment (CI / CD) pipeline, ensuring the integration of robust security controls and tools throughout the development lifecycle to proactively identify and remediate vulnerabilities.
• Foster a collaborative environment with the development and IT teams, ensuring security measures are ingrained in the development, deployment processes, and overall organizational culture.
• Enhance the security posture by continuously improving automation processes, utilizing advanced tools for vulnerability scanning, code analysis, and compliance monitoring to maintain high-security standards.
• Partner with incident response teams to swiftly investigate and mitigate security incidents, while also developing, updating, and testing incident response plans to ensure organizational preparedness.
• Keep abreast of emerging security threats, technologies, and best practices, translating this knowledge into actionable insights and strategies to fortify the company’s security framework.
• Champion secure coding practices, conduct regular security awareness trainings, and escalate security concerns effectively, cultivating a security-first mindset across development and operations teams.

Qualifications & Experience

• Bachelor’s degree in computer science, Information Security, or a related field, supplemented by relevant work experience.
• 12+ years of professional software development experience.
• Proven experience in a DevSecOps role with a strong understanding of cloud security, including automation and CI / CD.
• Deep knowledge of source control, branching & release strategies, pull requests and automated quality gates using tools such as GitHub or Bitbucket.
• Hands-on experience with security automation tools and technologies
• Proficiency in scripting languages (e.g., Python, Bash) and automation tools (e.g., Jenkins, GitHub Actions, Terraform).
• 8+ years of experience in public cloud (AWS) in building services using cloud native technologies including Kubernetes, Docker, serverless etc.
• Knowledge of security best practices and familiarity with regulatory compliance requirements like GDPR, HIPAA, etc.

Preferred Certification

• AWS Certified Security Specialty
• AWS Certified DevOps Engineer Professional
• AWS Certified Solutions Architect Associate or Professional

Joining us is more than saying yes to making the world a healthier place. It’s discovering a career that’s challenging, supportive and inspiring.

Where a culture driven by excellence helps you not only meet your goals, but also create new ones. We focus on creating a diverse and inclusive culture, encouraging individual expression in the workplace and thrive on the innovative ideas this generates.

If this sounds like the workplace for you, apply now! We commit to respond to every applicant.