DevSecOps Engineer

Elevance Health-posted 1 day ago
Full-time • Mid Level
Hybrid • Atlanta, IN
5,001-10,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

DevSecOps Engineer Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. Preferred Location: Indianapolis, IN. The DevSecOps Engineer will play a key role in embedding security into our development pipelines and cloud infrastructure, ensuring compliance with healthcare regulations such as HIPAA, PCI, and other data security compliance requirements. Your mission is to integrate into the team that is responsible for the data security for our core programs: Database Activity Monitoring, Data Loss Prevention, User Entity Behavior Analytics, File Integrity Monitoring, Data Security Posture Management (Classification) and Mainframe Logging and Monitoring. How You Will Make An Impact: Work with key teams to maintain and secure our cloud environments. Support department in any cloud platform need. Define and monitor Quality Assurance (QA) standards for department. Integrate security tools and practices (SAST, DAST, SCA) into CI/CD pipelines to detect and remediate vulnerabilities early in the SDLC. Collaborate with development, IT, and compliance teams to implement secure infrastructure-as-code (IaC) and DevSecOps standards. Design and maintain secure cloud infrastructure, primarily on AWS/Azure/GCP, aligned with HIPAA, PCI and other compliance/security requirements. Automate security controls, compliance checks, and threat detection systems across environments. Provides system and network architecture support for information and network security technologies. Provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures, standards and technologies; represents major upgrades and reconfigurations in change control. Design & analyze mix of vendor services meeting business and information security requirements; maintains relationship with key vendors; leads lights on initiatives to consolidate equipment and/or implement business relocations. Determine and perform complex configuration changes to meet business and information security requirements; perform capacity analysis; recommend and implement capacity increases. Serve as the technical escalation for results of preventative maintenance routines; supervise preventative maintenance; represents infrastructure security support in significant projects and performs the most complex operations and administration tasks. Respond to level 3 & 4 change and problem requests without supervision; lead level 1 & 2 incident recoveries and root cause analysis.

  • Work with key teams to maintain and secure our cloud environments.
  • Support department in any cloud platform need.
  • Define and monitor Quality Assurance (QA) standards for department.
  • Integrate security tools and practices (SAST, DAST, SCA) into CI/CD pipelines to detect and remediate vulnerabilities early in the SDLC.
  • Collaborate with development, IT, and compliance teams to implement secure infrastructure-as-code (IaC) and DevSecOps standards.
  • Design and maintain secure cloud infrastructure, primarily on AWS/Azure/GCP, aligned with HIPAA, PCI and other compliance/security requirements.
  • Automate security controls, compliance checks, and threat detection systems across environments.
  • Provides system and network architecture support for information and network security technologies.
  • Provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures, standards and technologies; represents major upgrades and reconfigurations in change control.
  • Design & analyze mix of vendor services meeting business and information security requirements; maintains relationship with key vendors; leads lights on initiatives to consolidate equipment and/or implement business relocations.
  • Determine and perform complex configuration changes to meet business and information security requirements; perform capacity analysis; recommend and implement capacity increases.
  • Serve as the technical escalation for results of preventative maintenance routines; supervise preventative maintenance; represents infrastructure security support in significant projects and performs the most complex operations and administration tasks.
  • Respond to level 3 & 4 change and problem requests without supervision; lead level 1 & 2 incident recoveries and root cause analysis.
  • Requires a bachelor’s degree or equivalent combination of education and experience that would provide the knowledge to perform such work.
  • Experience must include a minimum of 3 years experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, Network communications, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, hardware/software support or other infrastructure services role; or any combination of education and experience, which would provide an equivalent background.
  • Requires experience providing top-tier support for 3 or more of the information security technology areas: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.
  • Technical security certifications (e.g. CISSP, HCISPP, GIAC, AWS Certified Security, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer and Certified Kubernetes Administrator) preferred.
  • BA/BS degree in Information System and Computer Science or related field of study strongly preferred.
  • Hands-on experience with CI/CD tools (e.g., GitLab CI/CD) and integrating security tools.
  • Experience with cloud security tools and services (e.g., AWS Config, GuardDuty, Azure Security Center).
  • Knowledge of container security (Docker, Kubernetes), IaC (Terraform, Ansible), and secrets management (e.g., HashiCorp Vault, AWS Secrets Manager).
  • Automation experience in advanced automation delivery software and languages (e.g., Ansible, Terraform) for application deployments.
  • We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
DevSecOps Engineer Resume Examples
DevSecOps Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service