[Hiring] DevSecOps Engineer @C-HIT

Role Description

• Design, implement, and maintain CI/CD pipelines for application and API deployments.
• Automate build, test, security scanning, and deployment processes.
• Manage infrastructure using Infrastructure as Code (IaC) tools (Terraform, CloudFormation, ARM).
• Support containerized environments using Docker and Kubernetes.
• Ensure high availability, scalability, and disaster recovery.
• Embed security controls into CI/CD pipelines (SAST, DAST, SCA).
• Implement and maintain container security and image scanning.
• Enforce secrets management, encryption, and key rotation.
• Integrate identity and access management (IAM) with least-privilege principles.
• Conduct vulnerability assessments and support remediation activities.
• Design and manage secure cloud environments like AWS.
• Implement network security controls (VPCs, firewalls, security groups).
• Monitor system performance, logs, and security events.
• Support API Gateway platforms (e.g., MuleSoft Anypoint Platform).
• Ensure compliance with HIPAA, CMS, FISMA, FedRAMP, and NIST (800-53, 800-171).
• Support ATO processes, audits, and security documentation.
• Implement continuous monitoring and compliance reporting.
• Collaborate with ISSO and security teams on risk assessments.
• Work closely with developers, architects, QA, and security teams.
• Participate in Agile ceremonies and release planning.
• Provide guidance on secure coding and cloud security best practices.

Qualifications

• 4+ years of experience in DevOps or DevSecOps engineering.
• Strong experience with CI/CD tools (Jenkins, GitLab CI, GitHub Actions).
• Hands-on experience with cloud platforms (AWS, Azure, or GCP).
• Experience with containerization and orchestration (Docker, Kubernetes).
• Knowledge of security tools (Snyk, SonarQube, Aqua, Prisma Cloud, or similar).

Preferred Qualifications

• Experience supporting federal or healthcare IT programs.
• Experience with API Gateways and MuleSoft.
• Knowledge of FHIR/HL7 healthcare data standards.
• Experience with FedRAMP Moderate/High environments.
• AWS certification preferred, particularly AWS Certified DevOps Engineer – Professional or Solutions Architect – Associate/Professional.

Key Skills

• DevSecOps & CI/CD Automation
• Cloud Security & Infrastructure as Code
• Container & Kubernetes Security
• Federal Compliance & ATO Support
• Monitoring, Logging & Incident Response
• API Gateway & Integration Platforms

Residency Requirement

• Candidate must be US Citizen OR Green Card to obtain Public Trust clearance and must have lived in the United States for at least three (3) out of the last five (5) years.

Salary & Benefits Information

• The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location.
• C-HIT offers Healthcare Benefits, Remote Working Options, Paid Time Off, PTO cash-out, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match & Profit sharing, Employee Assistance Program, Paid Holidays, and much more perks and Voluntary benefits!
• Employees of C-HIT shall, as an enduring obligation throughout their term of employment, adhere to all information security requirements as documented in company policies and procedures.