Sr Development Security Operations Engineer ( Senior DevSecOps Engineer)

Senior DevSecOps Engineer Position Summary The Senior DevSecOps Engineer will be embedded within product engineering teams to implement and maintain secure, automated, and reliable delivery pipelines while following standards, frameworks, and guardrails set by the DevSecOps Center of Excellence (CoE). This is a hands-on role that reports to the Manager of DevSecOps and works directly with developers, SREs, and product managers to enable faster, safer deployments, cost-efficient infrastructure, and adherence to enterprise security policies. The engineer will collaborate closely with Principal and Senior Staff DevSecOps engineers for technical guidance and mentoring while operating within the centralized DevSecOps leadership framework. Key Responsibilities Product Line DevSecOps Execution · Build and maintain CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, ArgoCD) for the assigned product line. · Integrate security testing (SAST, SCA, DAST, container scanning) into build and deployment workflows. · Apply CoE standards, templates, and automation frameworks consistently within product environments. · Troubleshoot and resolve DevSecOps issues, escalating complex challenges to Staff/Principal engineers. Infrastructure Automation · Implement Infrastructure-as-Code (Terraform, CloudFormation) for product infrastructure. · Adopt GitOps practices for repeatable and auditable infra provisioning. · Ensure infrastructure deployments comply with security guardrails, tagging, and cost controls. Observability, Security Compliance · Collaborate with SREs to enable monitoring, logging, and observability (Prometheus, Grafana, OpenTelemetry, New Relic, CloudWatch). · Ensure pipelines and infrastructure comply with HIPAA, SOC2, and internal security standards. · Embed IAM, KMS, GuardDuty, Security Hub into workflows for cloud security posture. FinOps Cost Awareness · Implement CoE-defined cost governance practices in product pipelines. · Ensure workloads are tagged, right-sized, and cost-efficient. · Provide cost visibility to product teams and support FinOps reviews. Collaboration Continuous Improvement · Work closely with developers, QA, SRE, and product managers to support secure and efficient delivery. · Participate in CoE knowledge-sharing sessions, playbooks, and Communities of Practice. · Contribute feedback from product teams back into the CoE to improve standards and frameworks. · Continuously learn from Staff and Principal engineers and apply best practices within the product line. Qualifications Experience Required · 8+ years in DevOps, Cloud, or Security Engineering. · Strong hands-on experience with CI/CD pipeline tools (GitHub Actions, GitLab CI, Jenkins, ArgoCD). · Proficiency in AWS services (EKS, ECS, EC2, S3, IAM, Security Hub, GuardDuty). · Hands-on with containers Kubernetes (Docker, EKS). · Experience with Infrastructure-as-Code (Terraform, Pulumi, CloudFormation). · Familiarity with observability platforms (Prometheus, Grafana, OpenTelemetry, New Relic, CloudWatch). · Programming/scripting in Python, Go, or shell scripting. · Strong collaboration skills in cross-functional product teams. Preferred · Experience in SaaS or healthcare software environments. · Knowledge of databases (MongoDB, Elasticsearch, SQL). · Familiarity with compliance frameworks (HIPAA, SOC2, ISO 27001). · Certifications: AWS Security Specialty, CKA/CKAD, FinOps Certified Practitioner GHX: It's the way you do business in healthcare Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes. GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare pr ... (truncated, view full listing at source)