Key skills
AWS MasterySecurity & ComplianceKubernetes (EKS)Production-Grade ScriptingData-Driven ObservabilityGitOps PractitionerRegulated EnvironmentsModern NetworkingArchitectural SecurityAI-Augmented EngineeringIncident LeadershipHigh proficiency in PythonHigh proficiency in NodeJSPythonAIClaudeNodeJSAWSTerraformKubernetesECSEKSArgoCDFluxEC2S3IAMSQSPrometheusGrafanaGitHubCI/CDLeadershipOWASP
About this role
Xealth is revolutionizing healthcare by leveraging data and automation to empower care providers. As a Senior DevSecOps Engineer, you will architect a self-healing and secure cloud ecosystem, focusing on automation and security to enhance health outcomes for millions.
Responsibilities:
- Architectural Security: You’ll be a critical part of the InfoSec team, championing improvements to our security posture. You won't just run scans; you’ll proactively evaluate, integrate, and tune tools (SAST/DAST/CSPM) to harden our environment before threats even materialize
- Intelligent Infrastructure (IaC): Design and evolve our dynamic AWS environment using Terraform. We’re looking for modular, reusable patterns that drive self-scaling and self-healing systems, moving us closer to a 'No-Ops' reality
- The 'Toil Killer': You’ll be part of the ownership of our automation strategy. Using NodeJS, Python, and cloud-native services, you will identify and eliminate manual friction, aiming for near-100% automation across the CI/CD lifecycle
- AI-Augmented Engineering: You don't just use GitHub Copilot or Claude; you master them. You’ll lead the charge in rethinking our development lifecycle—using AI to generate complex IaC, automate documentation, and audit security at the speed of thought
- Incident Leadership & Blameless Culture: Act as the ultimate escalation point for production issues. You’ll lead troubleshooting with a balance of technical precision and empathy, focusing on blameless post-mortems and long-term systemic fixes
Requirements:
- Expert-level, hands-on experience with AWS core heavyweights: VPC, EC2, ECS, EKS, IAM, S3, and SQS
- Deep familiarity with commercial and open-source security tools (e.g., Lacework/Crowdstrike, Semgrep, Checkov, or OWASP ZAP)
- Cautious, detail-oriented approach to VPC design, VPN technologies, TLS/HTTPS, and Site-to-Site connectivity
- Proven experience building, securing, and maintaining Kubernetes clusters at scale
- High proficiency in Python or NodeJS, writing clean, testable code for automation
- Experience using logging and metrics (Prometheus, Grafana, LGTM stack) to guide infrastructure improvements
- Experience navigating HIPAA, PCI-DSS, or SOC2 compliance
- Experience with 'Pull-based' deployments using ArgoCD or Flux
- AWS DevOps Professional or Security Specialty; or security-focused certs like OSCP or CCSP