Senior DevSecOps Engineer

Job not on LinkedIn

October 14

Apply Now

Receive Emails with Similar Jobs

Vida Health

WebsiteLinkedInAll Job Openings

Healthcare Insurance • Wellness • SaaS

Vida Health is a company committed to improving health outcomes for various physical and mental health conditions, including diabetes, obesity, depression, and hypertension. They offer personalized, human-led care combined with digital technology to manage and treat these complex conditions. Vida Health partners with employers, health plans, and consultants to provide comprehensive health solutions. Their services include video chats and text-based messaging with healthcare providers, and they utilize machine learning and synced devices to personalize member care. They focus on significant cost savings and improved health outcomes for cardiometabolic conditions, guaranteeing results and offering up to 100% of fees at risk for both physical and mental healthcare.

501 - 1000 employees

Founded 2014

⚕️ Healthcare Insurance

🧘 Wellness

☁️ SaaS

📋 Description

• Own the security posture of Vida’s cloud infrastructure, implementing best practices for regulated environments (HIPAA, HITRUST). • Manage and enhance infrastructure-as-code (Terraform) for GCP, ensuring configurations adhere to least privilege and zero trust principles. • Implement and maintain monitoring, logging and alerting frameworks across production systems using tools like Datadog, Prometheus and GCP Cloud Logging. • Oversee vulnerability management, including patching, dependency scanning and automated remediation workflows. • Partner with engineering teams to embed security controls within CI/CD pipelines (GitHub Actions or similar), aligning with secure software development lifecycle (SSDLC) practices. • Conduct threat modeling and risk assessments for new services and architecture changes. • Manage and optimize container security in Kubernetes (GKE), including image scanning, runtime protection and secrets management. • Collaborate with compliance teams on audit evidence automation and support for security certifications (HITRUST, SOC 2, etc.). • Lead incident response and postmortem analysis for security-related events. • Mentor Engineers on secure development and deployment practices, fostering a culture of security by design.

🎯 Requirements

• Bachelor’s Degree in Computer Science, Engineering or related field- or equivalent practical experience. • 6+ years of experience in DevOps, Cloud Infrastructure or Security Engineering roles, including production support. • Strong hands-on expertise with GCP (preferred) or another major public cloud (AWS, Azure). • Deep experience managing infrastructure via Terraform or similar IaC tools. • Demonstrated knowledge of container orchestration and Kubernetes security best practices. • Experience securing CI/CD pipelines using tools like GitHub Actions, Jenkins or GitLab CI. • Strong familiarity with application and dependency scanning tools (e.g., Snyk, Trivy, Dependabot). • Proficiency in Python, Go or Bash scripting for automation and tooling. • Experience implementing Zero Trust, network segmentation and service identity-based access controls. • Hands-on knowledge of monitoring and observability platforms (e.g., Datadog, Prometheus, Grafana).Understanding of security compliance frameworks (HIPAA, HITRUST, NIST 800-53).