Security DevOps Engineer (HealthTech) vacancy at TigerConnect
Contribute to the design and integration of cyber security toolsets to enable more automated discovery, remediation, and alerting of system vulnerabilities.
Architect and integrate security tools into the CI/CD pipeline.
Architect, manage, and remediate findings from security tools, pen test reports, and compliance requirements.
Manage and maintain compliance and certifications (existing and new).
Help select and manage relationships with security vendors and partners.
Analyze and respond to production security notifications in a timely manner.
Foster DevSecOps culture and advocate for a security-first mindset amongst Security, QA, Development, and DevOps teams.
Deploying web and service-based applications in multiple instances of our PaaS.
Continually research, evaluate, and apply emerging technologies to improve security and the products.
Provide technical oversight to the development process including reviewing the technical design and the deployment architecture.
Work cross functionally with all departments to assist with security related issues as it relates to engineering, client care, and sales teams.
Willingness to take ownership, troubleshoot hands-on, and be on-call for security issues in a 24/7 environment.
Experience in monitoring and responding to security events
Proven track record of creating secure cloud architectures for mission critical Internet-facing applications.
Expertise implementing and maintaining compliance (HIPAA, HI-TRUST, FEDRAMP)
Experience with build-time dependency management, unit testing and code-coverage tools, test automation techniques and tools.
Experience and understanding of microservices architecture, design patterns, and secure software development methodologies.
Experience building and managing infrastructure-as-code including automation/scripting tools and languages.
Experience in DevOps culture and the ability to teach and profess is highly desired.
Ability to communicate security and risk-related concepts to technical and nontechnical audiences at both the executive and working level.