Development Security Operations Engineer (Healthcare Consulting)

Sellers Dorsey is a healthcare impact strategy firm focused on improving care access, quality, and outcomes for vulnerable populations. The Development Security Operations Engineer will bridge the gap between software development and security engineering operations, designing and maintaining automated systems to facilitate software delivery and monitoring.

Responsibilities:

• Develop and implement application security vulnerability practices
• Deploy CNAPP/CSPM using tools like Microsoft native Defender for Cloud, Prisma Cloud, Wiz
• Implement security best practices within the CI/CD pipeline and infrastructure to ensure application security
• Responsible for GitHub Enterprise Administration
• Ensure proficient in application penetration testing
• Assist developers with training and resolving vulnerabilities in a timely manner
• Active participation in Change and Architecture Review Meetings
• Develop and implement automation scripts to streamline repetitive tasks like infrastructure provisioning, code builds, testing, deployments, and monitoring across different environments
• Design, build, and maintain continuous integration and continuous delivery pipelines using tools like Sonar, Azure DevOps, GitLab
• Manage cloud infrastructure Azure including provisioning, scaling, and configuration management using tools like Terraform or Ansible
• Set up monitoring/alert systems to identify potential issues in production environments and create alerts to notify relevant teams
• Work closely with our developers, QA engineers, and system administrators to identify and resolve issues throughout the development lifecycle
• Debug and troubleshoot technical issues related to deployments, infrastructure, and application performance
• Research and analyse the latest security threats, emerging technologies, and DevSecOps trends to stay ahead of evolving risks
• Engage in ongoing professional development by attending training sessions, obtaining certifications, and actively participating in industry discussions
• Apply new knowledge to improve security strategies, enhance system protections, and drive innovation in DevSecOps practices

Requirements:

• Bachelor's degree in Computer Science, Information Systems, or equivalent technical discipline
• Four (4) years of experience in a DevSecOps or DevOps Engineer role. Engineering product development in full life cycle (healthcare, preferred)
• Proven experience as a DevOps Engineer, with a focus on Microsoft technologies
• Knowledge of security best practices in DevOps
• Experience with monitoring tools like Prometheus, Grafana, or Azure Monitor
• Experience with security frameworks and compliance standards (e.g., HIPAA, HITRUST, SOC2, ISO 27001, NIST, GDPR, etc.)
• Proficiency in scripting languages like Python, Bash, Ruby, and PowerShell
• Expertise in Git and related branching strategies
• Deep understanding of cloud platform Azure
• Experience with tools like Ansible, Chef, or Puppet
• Sonar Qube, Acunetix, Prisma Cloud, Wiz, Defender for Cloud
• Knowledge of Sonar, Azure DevOps, or similar platforms
• Familiarity with tools like Prometheus, Grafana, and Datadog
• Customer-focused – providing consistent service excellence
• Strong analytical skills to identify and solve security and operational challenges in a timely and effective manner
• Ability to work closely with development, operations, and security teams to ensure smooth deployment and integration of new software releases
• Excellent communication skills to articulate security concerns and solutions effectively
• Strong interpersonal and conflict resolution skills
• Critical thinking and problem-solving skills
• Attention to detail
• Flexible thinking, including the ability to pivot and try new approaches when faced with challenges
• Ability to work on multiple projects in various stages simultaneously
• Desire to work in a fast-paced, high-energy environment
• Ability to prioritize and demonstrate relentless discipline in achieving goals