Development Security Operations Engineer (Healthcare Consulting)

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Systems, or equivalent technical discipline.
• Four (4) years of experience in a DevSecOps or DevOps Engineer role. Engineering product development in full life cycle (healthcare, preferred).
• Proven experience as a DevOps Engineer, with a focus on Microsoft technologies.
• Knowledge of security best practices in DevOps.
• Experience with monitoring tools like Prometheus, Grafana, or Azure Monitor.
• Knowledge of security best practices in DevOps.
• Experience with security frameworks and compliance standards (e.g., HIPAA, HITRUST, SOC2, ISO 27001, NIST, GDPR, etc.).
• Customer-focused – providing consistent service excellence.
• Problem-Solving Skills: Strong analytical skills to identify and solve security and operational challenges in a timely and effective manner.
• Collaboration and Communication: Ability to work closely with development, operations, and security teams to ensure smooth deployment and integration of new software releases. Excellent communication skills to articulate security concerns and solutions effectively.
• Strong interpersonal and conflict resolution skills.
• Critical thinking and problem-solving skills.
• Attention to detail.
• Flexible thinking, including the ability to pivot and try new approaches when faced with challenges.
• Ability to work on multiple projects in various stages simultaneously.
• Desire to work in a fast-paced, high-energy environment.
• Ability to prioritize and demonstrate relentless discipline in achieving goals.

Nice To Haves

• Programming Languages: Proficiency in scripting languages like Python, Bash, Ruby, and PowerShell.
• Version Control: Expertise in Git and related branching strategies.
• Cloud Computing: Deep understanding of cloud platform Azure.
• Configuration Management Tools: Experience with tools like Ansible, Chef, or Puppet.
• Security: Sonar Qube, Acunetix, Prisma Cloud, Wiz, Defender for Cloud.
• CI/CD Tools: Knowledge of Sonar, Azure DevOps, or similar platforms Monitoring Tools: Familiarity with tools like Prometheus, Grafana, and Datadog.

Responsibilities

• Security & Monitoring: Develop and implement application security vulnerability practices. Deploy CNAPP/CSPM using tools like Microsoft native Defender for Cloud, Prisma Cloud, Wiz. Implement security best practices within the CI/CD pipeline and infrastructure to ensure application security. Responsible for GitHub Enterprise Administration. Ensure proficient in application penetration testing. Assist developers with training and resolving vulnerabilities in a timely manner. Active participation in Change and Architecture Review Meetings.
• Automation: Develop and implement automation scripts to streamline repetitive tasks like infrastructure provisioning, code builds, testing, deployments, and monitoring across different environments. CI/CD Pipeline Management: Design, build, and maintain continuous integration and continuous delivery pipelines using tools like Sonar, Azure DevOps, GitLab.
• Infrastructure Management: Manage cloud infrastructure Azure including provisioning, scaling, and configuration management using tools like Terraform or Ansible. Set up monitoring/alert systems to identify potential issues in production environments and create alerts to notify relevant teams. Work closely with our developers, QA engineers, and system administrators to identify and resolve issues throughout the development lifecycle. Debug and troubleshoot technical issues related to deployments, infrastructure, and application performance.
• Continuous Learning & Application: Research and analyse the latest security threats, emerging technologies, and DevSecOps trends to stay ahead of evolving risks. Engage in ongoing professional development by attending training sessions, obtaining certifications, and actively participating in industry discussions. Apply new knowledge to improve security strategies, enhance system protections, and drive innovation in DevSecOps practices.

Benefits

• The successful candidate will also be eligible to participate in our annual Corporate Incentive Plan (CIP) that can range to up to 10% of annual salary.
• Provided they meet all eligibility requirements under the applicable plan documents, the successful candidate (and their eligible dependents) will be eligible to enroll in group healthcare plans that offer medical, dental, and vision and for insurance plans offering short term disability, long term disability, and basic life.
• Employees are also able to enroll in Sellers Dorsey’s 401k plan provided they meet plan requirements.
• Sellers Dorsey offers a Flexible Time Off that allows employees to use what they need.
• Additionally, we offer 10 paid holidays throughout the calendar year, paid time off for qualifying medical leave, and up to 12 weeks of combined paid parental and bonding leave.