Development Security Operations Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
• 5+ years of experience in DevOps, Security Engineering, or DevSecOps roles
• Experience supporting regulated systems in life sciences or healthcare environments
• Hands-on experience with cloud platforms (AWS, Azure, or GCP) in validated environments
• Strong knowledge of GxP, CSV, and regulated SDLC practices
• Proficiency in scripting or programming (Python, Bash, PowerShell)
• Familiarity with IAM, encryption, audit logging, and data integrity controls

Nice To Haves

• Experience supporting clinical trial platforms (EDC, CTMS, eTMF, CDMS)
• Knowledge of FDA 21 CFR Part 11 and Annex 11 requirements
• Security or compliance certifications (CISSP, CISM, CCSK, or equivalent)

Responsibilities

• Integrate security and compliance controls into CI/CD pipelines supporting clinical trial systems and platforms
• Design, implement, and maintain secure infrastructure for clinical data applications (EDC, CTMS, eTMF, RTSM, data lakes)
• Implement security testing and validation activities aligned with GxP and CSV (Computer System Validation) requirements
• Conduct vulnerability assessments, code scanning (SAST/DAST/SCA), and risk assessments for regulated systems
• Automate security monitoring, alerting, and audit logging for clinical trial environments
• Partner with Clinical Operations, IT, Quality, and Regulatory teams to ensure inspection readiness
• Support data privacy and protection requirements for patient and investigator data (HIPAA, GDPR)
• Maintain documentation, SOPs, and evidence required for audits and regulatory inspections
• Lead incident response activities involving clinical trial systems and protected health information
• Promote DevSecOps best practices while balancing agility with regulatory compliance