Staff DevSecOps Engineer - FuzeRx

Fuze Health

36d•Remote

About The Position

Alto Pharmacy (Fuze Health) is seeking a Staff DevSecOps Engineer to join our Engineering organization. As a full-service pharmacy operating nationally across mail-order and physical pharmacy locations, we build and operate highly reliable, secure, and compliant systems that directly impact patient health and safety. In this role, you will operate as a senior technical leader responsible for embedding security deeply into our engineering lifecycle. You will define DevSecOps strategy, elevate our cloud and application security posture, and partner cross-functionally to ensure Alto’s platform is secure, scalable, compliant, and resilient as we grow nationwide. This is a hands-on technical leadership role for someone who thrives in complex, regulated environments and wants to shape security architecture at scale.

Requirements

14+ years of experience in software engineering, infrastructure engineering, or security engineering, with significant experience in DevSecOps environments.
Deep expertise in cloud security architecture (AWS and/or GCP).
Strong experience securing containerized and Kubernetes-based environments.
Hands-on experience with CI/CD systems (GitHub Actions, GitLab CI, CircleCI, Jenkins, etc.).
Expertise in infrastructure-as-code (Terraform, CloudFormation) and securing IaC pipelines.
Strong knowledge of application security principles, OWASP Top 10, and secure coding practices.
Experience implementing and scaling SAST, DAST, SCA, container scanning, and secrets detection tools.
Deep understanding of IAM, RBAC, zero-trust models, and encryption best practices.
Experience operating in regulated environments (HIPAA, SOC 2, HITRUST, PCI, etc.).
Strong scripting or programming skills (Python, Go, Ruby, or similar).
Demonstrated ability to influence architectural decisions at a Staff or Principal level.

Nice To Haves

Experience in healthcare, pharmacy, fintech, or other highly regulated industries.
Experience building DevSecOps programs from early-stage to scale.
Background in site reliability engineering (SRE) or platform engineering.
Security certifications such as CISSP, CISM, CCSP, or cloud security certifications (AWS/GCP).
Experience implementing threat modeling frameworks (STRIDE, PASTA, etc.).
Experience with observability platforms and integrating security telemetry into monitoring systems.

Responsibilities

Technical Strategy & Architecture Define and lead the DevSecOps vision and roadmap across infrastructure, application, and CI/CD ecosystems.
Architect secure-by-design cloud-native systems across AWS/GCP environments.
Establish security patterns, guardrails, and reference architectures for engineering teams.
Evaluate and implement modern security tooling across SAST, DAST, SCA, container scanning, IaC scanning, and runtime protection.
Secure SDLC & Automation Embed security controls into CI/CD pipelines and developer workflows.
Drive infrastructure-as-code security best practices (Terraform, CloudFormation, etc.).
Automate security testing and compliance checks to reduce manual overhead.
Implement policy-as-code and automated governance controls.
Cloud & Infrastructure Security Lead identity and access management (IAM) strategy and least-privilege enforcement.
Strengthen container and Kubernetes security posture.
Oversee secrets management, encryption standards, and key management processes.
Partner with infrastructure teams on network segmentation, zero-trust architectures, and environment isolation.
Risk, Compliance & Incident Response Support and mature Alto’s security program in alignment with HIPAA, SOC 2, HITRUST, and other healthcare regulatory frameworks.
Conduct threat modeling, security design reviews, and architecture risk assessments.
Partner with Security and Compliance teams on audits and remediation efforts.
Provide senior-level leadership during security incidents, including root cause analysis and long-term mitigation planning.
Technical Leadership Mentor senior and mid-level engineers on secure coding and DevSecOps practices.
Influence engineering leadership and executive stakeholders on security strategy and risk prioritization.
Drive cross-functional alignment across Engineering, Product, IT, and Compliance.
Raise the overall security maturity of the organization through scalable frameworks and standards.

Benefits

dental, vision, and multiple group medical plans to choose from
a 401(k) retirement savings plan
group life insurance
accidental death and dismemberment (AD&D) insurance
flexible spending account (FSA) and health savings account (HSA)
commuter benefits
employer-paid short-term (STD) and long-term disability (LTD) insurance
additional supplemental insurance plans (spouse life insurance, legal insurance, an employee assistance program, home health testing kits, and a fertility medication discount program)
flexible vacation time
accrued paid sick time
10 paid holidays
(2 floating holidays for full time non-exempt employees)
eight weeks of paid parental leave for eligible employees
additional paid weeks for the birthing parent
4 weeks paid caregiver leave
a Lifestyle Spending Account allowance each month