DevSecOps Engineer

Care is a modern person-centric health platform that connects you to the healthcare ecosystem. We are excited to shape the future of healthcare and are looking to add new members to our team for this journey.

We are a technology-led company that seeks product-market fit, high relevance, and to essentially help people. Our teams are constantly iterating, solving problems, and working together to empower millions of people to make insightful decisions about their health.

If you want to be part of this culture, we’d love to talk!

• Design and implement mechanisms that efficiently identify and mitigate security risks within the existing DevOps workstreams.
• Build and maintain an AWS cloud infrastructure architecture aligning security, compliance, performance, and resilience
• Provide expertise and best practices for implementing cloud security (internal) and product security (external)
• Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives
• Oversee the management and remediation of identified security flaws within our development platforms
• Build and maintain monitoring, auditing, and reporting frameworks that produce artifacts that support security and compliance needs
• Build and maintain a set of tools that enable developers to self-serve for most operational tasks
• Develop processes that produce artifacts that support security and compliance requirements

• Strong experience in DevOps development practices, and CI/CD pipelines.
• Strong expertise with cloud environments AWS.
• Knowledge of orchestration platforms like Kubernetes, EKS,...
• Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development
• Programming or scripting experience with a popular modern language utilized by the above tools (JavaScript, Java, Python, etc.).
• Experience extracting pertinent security data from SIEM solutions and AWS audits, logs, and reports
• A life-long learner - always looking to stay up to date with the latest attack vectors, vulnerabilities, remediation and protection paradigms, etc.
• Self-motivated, proactive, driven individual

Nice to Have

• Knowledge of one or more SSO methodologies (SAML, LDAP, MS AD)
• Experience in performing security vulnerability assessments, and good familiarity with regulations like HIPPA, PCI, and SOX.
• Strong interpersonal, oral, and written communication skills
• Ability to work in a fast-paced, rapidly changing, Agile, competitive environment
• Ability to work independently and in group environments
• *Please note that only shortlisted candidates will be notified