Job Summary: The DevSecOps Engineer is responsible for designing, implementing, and maintaining secure CI/CD pipelines, cloud infrastructure, and automation frameworks. The role focuses on integrating security controls, compliance, and monitoring into DevOps processes to support mission-critical healthcare applications and data sharing platforms.
Key Responsibilities:
DevSecOps & Automation
· Design, implement, and maintain CI/CD pipelines for application and API deployments.
· Automate build, test, security scanning, and deployment processes.
· Manage infrastructure using Infrastructure as Code (IaC) tools (Terraform, CloudFormation, ARM).
· Support containerized environments using Docker and Kubernetes.
· Ensure high availability, scalability, and disaster recovery.
Security Integration (DevSecOps)
· Embed security controls into CI/CD pipelines (SAST, DAST, SCA).
· Implement and maintain container security and image scanning.
· Enforce secrets management, encryption, and key rotation.
· Integrate identity and access management (IAM) with least-privilege principles.
· Conduct vulnerability assessments and support remediation activities.
Cloud & Platform Engineering
· Design and manage secure cloud environments such as AWS.
· Implement network security controls (VPCs, firewalls, security groups).
· Monitor system performance, logs, and security events.
· Support API Gateway platforms (e.g., MuleSoft Anypoint Platform).
Compliance & Governance
· Ensure compliance with HIPAA, CMS, FISMA, FedRAMP, and NIST (800-53, 800-171).
· Support ATO processes, audits, and security documentation.
· Implement continuous monitoring and compliance reporting.
· Collaborate with ISSO and security teams on risk assessments.
Collaboration & Agile Support
· Work closely with developers, architects, QA, and security teams.
· Participate in Agile ceremonies and release planning.
· Provide guidance on secure coding and cloud security best practices.
Required Qualifications:
· 4+ years of experience in DevOps or DevSecOps engineering.
· Strong experience with CI/CD tools (Jenkins, GitLab CI, GitHub Actions).
· Hands-on experience with cloud platforms (AWS, Azure, or Google Cloud Platform).
· Experience with containerization and orchestration (Docker, Kubernetes).
· Knowledge of security tools (Snyk, SonarQube, Aqua, Prisma Cloud, or similar).
Preferred Qualifications:
· Experience supporting federal or healthcare IT programs.
· Experience with API Gateways and MuleSoft.
· Knowledge of FHIR/HL7 healthcare data standards.
· Experience with FedRAMP Moderate/High environments.
· AWS certification preferred, particularly AWS Certified DevOps Engineer – Professional or Solutions Architect – Associate/Professional.
Key Skills:
· DevSecOps & CI/CD Automation
· Cloud Security & Infrastructure as Code
· Container & Kubernetes Security
· Federal Compliance & ATO Support
· Monitoring, Logging & Incident Response
· API Gateway & Integration Platforms
Residency Requirement:
Candidate must be OR to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years.
Salary & Benefits Information:
The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location.
C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Employee Assistance Program, Paid Holidays, and many more perks and voluntary benefits!
Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures.
C-HIT, a CMMI Maturity Level 5 company, focuses on delivering information technology and professional services to Federal and State agencies.
"C-HIT is an EOE, including disability and veterans."