Cloud & Digital Platform DevSecOps Engineer

About The Position

Requirements

• Bachelor’s or master’s degree in computer science, Engineering, or related field
• 5+ years of experience in: Cloud infrastructure / DevOps / SRE, CI/CD pipeline design and automation
• Experience in regulated environments (medical device or healthcare preferred)
• Strong understanding of: IEC 62304 , ISO 14971
• Deep experience with AWS services: Compute: EC2, Lambda, ECS/EKS, Networking: VPC, ALB/NLB, PrivateLink, Storage: S3, EBS, Databases: RDS, Aurora PostgreSQL, Integration: API Gateway, EventBridge, SNS/SQS
• Strong understanding of: AWS Well-Architected Framework, Multi-account cloud governance
• Expertise in CI/CD tools: GitHub Actions, GitLab CI, Jenkins
• Containerization & orchestration: Docker, Kubernetes (EKS preferred)
• Experience implementing: Secure SDLC pipelines, IAM least privilege models
• Familiarity with: Threat modeling, Vulnerability management tools
• Experience with monitoring/logging tools: CloudWatch, Prometheus, Grafana, OpenSearch
• Strong understanding of: Distributed systems reliability, Incident response and root cause analysis

Nice To Haves

• Experience leveraging tools such as: GitHub Copilot, Claude / Codex
• Ability to: Automate DevOps workflows, enhance code quality and testing using AI

Responsibilities

• Design, implement, and manage scalable, secure AWS cloud infrastructure using Infrastructure as Code (IaC)
• Build and maintain multi-account AWS environments with proper governance (Landing Zone, Control Tower, SCPs)
• Design infrastructure for: Device connectivity platforms (IoT, MQTT ingestion), Web/mobile applications (portals, APIs), Data platforms (S3, RDS, Redshift)
• Implement high availability, disaster recovery, and cost optimization strategies
• Design and implement end-to-end CI/CD pipelines for: Backend services (APIs, microservices), Frontend applications (React portals, mobile apps), Infrastructure deployments (IaC pipelines)
• Enable automated build, test, security scan, and deployment workflows
• Implement progressive delivery strategies: Blue/Green deployments, Canary releases
• Integrate pipelines with tools such as: GitHub Actions / GitLab CI / Jenkins, AWS CodePipeline / CodeBuild / CodeDeploy
• Embed security into the SDLC (“Shift Left Security”): SAST, DAST, dependency scanning, Container security (ECR scanning, runtime protection)
• Implement identity and access management (IAM) best practices
• Design and enforce: Secrets management (AWS Secrets Manager, Parameter Store), Encryption (KMS, TLS/mTLS)
• Enable device and platform security: Certificate lifecycle management (PKI, mTLS)
• Support compliance with: FDA Cybersecurity Guidance, HIPAA, ISO 27001 / HITRUST
• Build and maintain observability stack: Metrics (CloudWatch), Logging (CloudWatch Logs, OpenSearch), Tracing (X-Ray, OpenTelemetry)
• Define SLIs, SLOs, and alerting strategies
• Enable proactive monitoring for: Device fleet health, Platform performance, Security anomalies
• Develop reusable infrastructure modules using: Terraform / CloudFormation
• Build internal developer platform capabilities: Self-service infrastructure provisioning, Standardized deployment templates
• Enable developer productivity through: Automated environments (dev/test/stage/prod), Ephemeral environments for testing
• Ensure infrastructure and pipelines support: IEC 62304 , ISO 14971 risk management
• Maintain: Traceability across build, test, and deployment, Audit-ready logs and deployment records
• Contribute to AAMI TIR45 aligned Agile processes
• Partner with: Platform engineering, Data engineering, Security and QA teams
• Mentor engineers on DevOps and security best practices
• Lead design reviews for infrastructure and deployment architecture