DevSecOps Engineer

Remote - United States

CipherHealth

CipherHealth has a duty to provide and maintain a workplace that is safe and free from health hazards. In addition, we have a customer base that holds the highest standards in promoting public health. To protect against infectious diseases, which may be mitigated through vaccinations, we have implemented a vaccination policy that applies to all employees. All employees must either:
  • establish that they have received the “designated vaccine(s)”; or
  • obtain an approved exemption as an accommodation.

About Us

CipherHealth is an award-winning healthcare technology company that delivers a comprehensive portfolio of scalable and flexible patient engagement solutions for healthcare organizations to keep patients, staff, families and communities up to date and informed about their preventative, acute or elective care -- whether it is in a hospital, clinic, facility, at home or anywhere in between.

In this historic time, when the entire globe is facing a global healthcare crisis, CipherHealth is out in front helping hundreds of leading healthcare providers like UCSF, Johns Hopkins and University of Pennsylvania manage through this pandemic and beyond with solutions that enable them to deliver remarkable in-care experiences and impactful around-care engagement that empower patients and staff, reduce friction and waste, and drive best possible outcomes.

DevSecOps Engineer

We are seeking a smart, collaborative and highly motivated DevSecOps Engineer to join our growing Development Operations Team. As the DevSecOps Engineer, you will provide leadership in the DevSecOps areas of Certificate Management, Vulnerability Scanning, Remediation Patching, Security and Compliance with a focus on ‘shifting left’ by embedding security into GitLab CI/CD pipelines.

You will come from a SaaS background, understand DevSecOps best practices, and be adaptable to ever-changing technology stacks. You are someone who is excited to design robust CI/CD pipelines with security baked into them. A comprehensive understanding of the complete SDLC and of integrating Security-as-Code (SaC) into the entire build and deployment pipeline is strongly desired.

Responsibilities

  • Provide expertise and best practices for implementing cloud infrastructure & product security
  • Assess architectures and designs for security vulnerabilities
  • Work with Developers, DevOps and Engineering teams in a dynamic environment to promote and implement DevSecOps best practices throughout the organization
  • Implement Security-focused DAST & SAST to analyze applications against high-severity issues such as those listed in the OWASP Top 10
  • Design a set of CI/CD pipeline security standards for all internal applications and implement them in GitLab
  • Review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and applications
  • Work closely with our Information Security team reviewing security concerns and adapting to ever-changing requirements
  • Work with Software Architects to design highly available environments in the GCP cloud through Infrastructure-as-Code (IaC) and configuration management (Terraform, Ansible)
  • Assist in the migration of legacy applications from monolithic architectures to service-based containers for scalability, reliability, and quicker deployments
  • Continuously improve the visibility & efficiency of our CI/CD pipelines
  • Write custom Terraform, Python, & shell scripts to automate the entire deployment and build process from staging to production
  • Participate in on-call duties with DevOps team

Requirements

  • 4+ years of experience implementing enterprise-grade security solutions following industry established best practices
  • 4+ years of experience in DevOps engineering and CI/CD tooling
  • 2+ years working in a software operations production environment; bonus points for SaaS experience
  • 2+ years experience working with cloud technologies (AWS, GCP, Azure); bonus points for GCP certifications
  • Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines
  • Familiarity with API Security, Container Security, Cloud Security, & Code Security tools such as Trivy, Clair, OpenVAS/Greenbone, Rapid7, Palo Alto Prisma, SonarQube, SonarCloud, CodeClimate, etc.
  • Experience working with industry standard cybersecurity frameworks such as NIST-CSF, NIST-800, SOC 2, HIPAA, HITRUST, etc.
  • Strong Linux Experience, Networking Fundamentals, Systems Understanding
  • Experience with container technologies (Docker, Kubernetes) from building to deploying to securing
  • Experience in application monitoring, telemetry gathering, and associated utilities (Nagios, Icinga, Datadog, New Relic, Fluentd, AWS CloudWatch, GCP Cloud Logging/Stackdriver, etc.)
  • Expertise with at least one common CI/CD tool such as Jenkins or CircleCI; bonus points for GitLab
  • Familiarity with MongoDB, PostgreSQL, Redis; Bonus points for Snowflake
  • Fluent in English (written and spoken)
  • Candidates must reside in and be able to legally work in the US

Nice-to-Have

  • SaaS experience
  • Experience working in a highly regulated environment (Fintech, Health Care, Education)
  • GCP expertise and/or certifications
  • DevSecOps experience
  • One or more recognized security and cloud specific certifications (CCSP, SSCP, CISSP, CCSK, GCP Cloud Architect, AWS Solutions Architect, etc.)

How We Invest In You

  • Compensation: Competitive/equitable salary, bonus or commissions, and equity
  • Healthcare that begins on your first day:
      • Generous company-funding of our health, vision, and dental plans (most individual plans are of no cost to you for the monthly premium)
      • HSA/FSA plans
      • Short and Long-Term Disability
      • Life and Personal Accident Insurance
      • $40 monthly wellness stipend you can use towards any wellness, fitness, and wellbeing purchases
      • Weekly virtual yoga classes
      • Employee Assistance Program (EAP)
      • Adoption Assistance
  • Retirement: 401(k) at three months of employment, with a match upon enrollment!
  • Time away:
      • Discretionary PTO + 13 paid holidays
  • Parenthood: Competitive paid parental leave and flexible return to work policy
  • Recognition:
      • Generous Employee Referral Program - earn cash for each employee referral that is hired
      • Yearly Cipher-versary stipend
      • Ci-Phives - receive public kudos and gift cards from peers and managers
  • Culture:
      • CARE2 Values
      • Bi-Weekly All Hands Meetings
      • $30/employee monthly “Fundowment” for team bonding events
      • Employee Resource Groups such as Rainbow Room and BIPOC Group
      • Yearly donations to organizations that contribute to a more equitable world
      • Weekly Lunch & Learns and robust onboarding / training programs
  • Remote-first team: $50 per month reimbursement in your check for WFH expenses
  • You’ll receive a new MacBook laptop, other hardware, and company swag upon hire

Job region(s): Remote/Anywhere North America