Staff DevSecOps Engineer

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Staff DevSecOps Engineer based in the United States.

This is a high-impact, senior individual contributor role sitting at the intersection of platform engineering and security. You will help shape the foundational infrastructure that powers large-scale, real-time healthcare data exchange across a complex, distributed ecosystem. The work spans AWS and Kubernetes environments where security is treated as a core design principle rather than a downstream concern. You will build and enhance the automation, guardrails, and tooling that enable engineers to ship safely and reliably at scale. Operating within a fully remote, U.S.-based engineering organization, you’ll collaborate closely with platform and security teams in a culture built on ownership, transparency, and technical rigor. This role is ideal for someone who enjoys deep systems work and influencing engineering standards across an organization while remaining hands-on in the code.

In this role, you will drive the design and implementation of secure, scalable platform infrastructure across cloud-native environments. You will embed security into every layer of the engineering lifecycle while enabling developer velocity and system reliability.

• Champion a security-first engineering approach across platform systems, including AWS and EKS environments, with focus on IAM, secrets management, supply chain security, and container integrity.
• Design and implement automation that transforms compliance requirements into continuous, testable controls and integrates outputs into compliance tooling such as Vanta.
• Build secure-by-default platform patterns using policy-as-code, guardrails, and standardized infrastructure practices to reduce friction for application teams.
• Partner with security stakeholders to translate risk assessments and compliance gaps into actionable engineering solutions with clear tradeoffs and execution plans.
• Lead end-to-end delivery of platform security initiatives, from architecture and implementation to deployment, documentation, and operationalization.
• Contribute hands-on to core platform systems including CI/CD pipelines, Kubernetes operations, observability tooling, and developer infrastructure.
• Participate in on-call rotations and take ownership of production systems, including incident response and postmortem analysis.
• Mentor engineers and help elevate security practices across the broader engineering organization.

Requirements:

This role requires deep technical expertise in cloud infrastructure and security, combined with strong communication skills and the ability to operate in highly distributed engineering environments.

• 8+ years of experience in cloud infrastructure, platform engineering, or DevSecOps roles with increasing technical ownership and scope.
• Strong hands-on experience with AWS and Kubernetes (EKS), including production-scale operations and system design.
• Deep understanding of platform security principles such as zero-trust architecture, IAM design, secrets management, vulnerability management, and supply chain security.
• Experience translating compliance frameworks (e.g., SOC 2, HITRUST, or similar) into engineering controls and automated enforcement mechanisms.
• Proficiency with infrastructure-as-code tools such as Terraform, along with scripting experience in Python, Go, or TypeScript/Node.js.
• Familiarity with CI/CD security practices including artifact integrity, pipeline hardening, and registry controls.
• Strong written communication skills with experience driving technical decisions asynchronously through clear design documents and proposals.
• Ability to work autonomously in remote environments while collaborating effectively across engineering and security teams.

Benefits:

• Fully remote-first culture (U.S.-based)
• Unlimited flexible time off and 15+ company holidays
• Monthly long-weekend “Recharge” days
• Extended sabbatical program with stipend
• 401(k) with employer match starting day one
• Comprehensive medical, dental, and vision coverage from day one
• HSA, FSA, life, disability, and employee assistance programs
• Paid parental leave
• Productivity and wellness stipends
• Stock options and employee referral bonus program
• MacBook and support for virtual or in-person team collaboration events