Director of DevSecOps

About The Position

Requirements

• 8+ years in DevOps / DevSecOps / Security / Platform Engineering
• 5+ years leading technical teams in regulated environments
• Deep Microsoft Azure experience (compute, networking, identity, security)
• CI/CD ownership (GitHub Actions, Azure DevOps)
• Infrastructure as Code expertise
• Strong HIPAA, SOC 2, HITRUST experience
• Experience supporting audits and operating in healthcare

Nice To Haves

• Healthcare interoperability familiarity
• Experience leading audit preparation
• Executive-level communication skills
• Freshservice / Freshdesk experience

Responsibilities

• DevOps & Platform Engineering Lead cloud infrastructure strategy across Azure (IaaS, PaaS, hybrid)
• Build secure, self-service delivery pipelines
• Establish CI/CD and infrastructure standards
• Drive Infrastructure as Code (Bicep, Terraform, ARM)
• Security Leadership (Primary Accountability) Own cloud, application, and DevSecOps security practices
• Embed HIPAA, SOC 2, and HITRUST controls into engineering workflows
• Define and enforce security guardrails
• Partner with Legal, Compliance, and Risk on audits and assessments
• Drive shift-left, security-by-design culture
• Secure SDLC Implement SAST, DAST, SCA, container scanning IaC security scanning and secrets management
• Identity & access management (Azure AD / Entra ID)
• Secure PHI and sensitive healthcare data handling
• CI/CD & Automation Own GitHub Actions / Azure DevOps pipelines
• Automate compliance evidence and audit readiness
• Reduce operational risk via automation-first design
• Reliability & Operations Establish monitoring, logging, and observability standards
• Lead incident response and post-incident reviews
• Track deployment frequency, MTTR, and change failure rate
• Own infrastructure SLAs and internal support operations
• ITSM & Service Excellence Govern Freshservice / Freshdesk workflows
• Improve ticket triage, reporting, and KPI visibility
• Use support data to drive continuous improvement