DevSecOps Engineer

 Candidate must be able to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years.

Job Summary:
DevSecOps Engineer is responsible for designing, implementing, and maintaining secure CI/CD pipelines, cloud infrastructure, and automation frameworks. The role focuses on integrating security controls, compliance, and monitoring into DevOps processes to support mission-critical healthcare applications and data sharing platforms.

Key Responsibilities:

DevOps & Automation

• Design, implement, and maintain CI/CD pipelines for application and API deployments.
• Automate build, test, security scanning, and deployment processes.
• Manage infrastructure using Infrastructure as Code (IaC) tools (Terraform, CloudFormation, ARM).
• Support containerized environments using Docker and Kubernetes.
• Ensure high availability, scalability, and disaster recovery.

Security Integration (DevSecOps)

• Embed security controls into CI/CD pipelines (SAST, DAST, SCA).
• Implement and maintain container security and image scanning.
• Enforce secrets management, encryption, and key rotation.
• Integrate identity and access management (IAM) with least-privilege principles.
• Conduct vulnerability assessments and support remediation activities.

Cloud & Platform Engineering

• Design and manage secure cloud environment in AWS.
• Implement network security controls (VPCs, firewalls, security groups).
• Monitor system performance, logs, and security events.
• Support API Gateway platforms (e.g., MuleSoft Anypoint Platform).

Compliance & Governance

• Ensure compliance with HIPAA, CMS, FISMA, FedRAMP, and NIST (800-53, 800-171).
• Support ATO processes, audits, and security documentation.
• Implement continuous monitoring and compliance reporting.
• Collaborate with ISSO and security teams on risk assessments.

Collaboration & Agile Support

• Work closely with developers, architects, QA, and security teams.
• Participate in Agile ceremonies and release planning.
• Provide guidance on secure coding and cloud security best practices.

Required Qualifications:

• 4+ years of experience in DevOps or DevSecOps engineering.
• Strong experience with CI/CD tools (Jenkins, GitLab CI, GitHub Actions).
• Hands-on experience with cloud platform AWS.
• Experience with containerization and orchestration (Docker, Kubernetes).
• Knowledge of security tools (Snyk, SonarQube, Aqua, Prisma Cloud, or similar).

Preferred Qualifications:

• Experience supporting federal or healthcare IT programs.
• Experience with API Gateways and MuleSoft.
• Knowledge of FHIR/HL7 healthcare data standards.
• Experience with FedRAMP Moderate/High environments.
• AWS certification preferred, particularly AWS Certified DevOps Engineer – Professional or Solutions Architect – Associate/Professional.

Key Skills:

• DevSecOps & CI/CD Automation
• Cloud Security & Infrastructure as Code
• Container & Kubernetes Security
• Federal Compliance & ATO Support
• Monitoring, Logging & Incident Response
• API Gateway & Integration Platforms
  
  Candidate must be able to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years
  

  Salary & Benefits Information:

• The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location.
• C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match & Profit sharing, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits! 
• Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures.

C-HIT, a CMMI Maturity Level 5 company, focuses on delivering information technology and professional services to Federal and State agencies.

C-HIT is an EOE, including disability and veterans”