DevSecOps Engineer

extra holidays
Work set-up: 
Full Remote
Contract: 
Experience: 
Senior (5-10 years)
Work from: 
United States

Offer summary

Qualifications:

Bachelor's degree in Computer Science, Information Security, Engineering, or related field., 5+ years of experience in cloud security, DevSecOps, or security engineering., Hands-on experience with cloud security in AWS, Azure, or GCP environments., Knowledge of security frameworks such as NIST, CIS Controls, and healthcare compliance like HIPAA and HITRUST..

Key responsibilities:

  • Design and implement cloud security architectures across multiple cloud platforms.
  • Develop and maintain DevSecOps pipelines with security scanning and compliance checks.
  • Collaborate with engineering teams to embed security into development processes.
  • Support security assessments, vulnerability management, and incident response for cloud environments.

The Rawlings Group logo
The Rawlings Group Insurance Large https://www.rawlingsgroup.com/
1001 - 5000 Employees
See all jobs

Job description

Job Details
Job Location: California Office Roseville, CA
Salary Range: Undisclosed
Description

Who We Are

Machinify is a leading healthcare intelligence company with expertise across the payment continuum, delivering unmatched value, transparency, and efficiency to health plan clients across the country. Deployed by over 60 health plans, including many of the top 20, and representing more than 160 million lives, Machinify brings together a fully configurable and contentrich, AIpowered platform along with bestinclass expertise. We’re constantly reimagining what’s possible in our industry, creating disruptively simple, powerfully clear ways to maximize financial outcomes and drive down healthcare costs.

Location:

This role is fully remote

About the Opportunity

At Machinify, were building a robust security program to protect our clients sensitive healthcare data and maintain the highest standards of information security. As part of the Security team, you will serve as a technical security expert responsible for securing our cloud infrastructure, implementing DevSecOps practices, and ensuring our SaaS platforms meet the highest security standards. This role is essential to maintaining our security posture as we continue to integrate four distinct technology platforms and scale our operations.

As a Cloud Security Analyst, you will be primarily responsible for cloud security architecture, DevSecOps implementation, and SaaS security management across our multicloud environment. Youll work closely with engineering, DevOps, and IT teams to embed security throughout our development lifecycle while ensuring our cloud infrastructure remains secure and compliant with healthcare regulations.

What youll do

Primary Responsibilities Cloud Security & DevSecOps (70% of role):

  • Design and implement cloud security architectures across AWS, Azure, and other cloud platforms
  • Develop and maintain DevSecOps pipelines integrating security scanning, vulnerability assessment, and compliance checks
  • Configure and manage cloud security tools including CSPM, CWPP, and cloudnative security services
  • Conduct security architecture reviews for new applications, services, and infrastructure changes
  • Implement Infrastructure as Code (IaC) security best practices and automated security controls
  • Monitor cloud environments for security threats, misconfigurations, and compliance violations
  • Manage container security and Kubernetes security configurations
  • Oversee API security implementations and SaaS integration security reviews
    • Supporting Security Program Responsibilities (30% of role):

      • Collaborate with engineering teams to implement secure coding practices and security testing
      • Support vulnerability management programs including scanning, assessment, and remediation tracking
      • Assist with security incident response and forensic analysis for cloudbased incidents
      • Develop and maintain security automation scripts and tools
      • Participate in security assessments and penetration testing coordination
      • Create technical security documentation and architectural diagrams
      • Support SOC2 and HITRUST compliance activities with technical evidence collection
      • Provide security guidance for vendor integrations and thirdparty SaaS evaluations
      • Contribute to disaster recovery and business continuity planning
      • Mentor development teams on security best practices and threat modeling
        • Qualifications

          Essential Qualifications

          • Bachelors degree in Computer Science, Information Security, Engineering, or related field, or equivalent work experience
          • 5+ years of experience in cloud security, DevSecOps, or security engineering
          • Strong handson experience with cloud security in AWS, Azure, or GCP environments
          • Demonstrated experience implementing DevSecOps practices and security automation
          • Proficiency with Infrastructure as Code tools (Terraform, CloudFormation, ARM templates)
          • Experience with container security and orchestration platforms (Docker, Kubernetes)
          • Knowledge of security frameworks such as NIST Cybersecurity Framework, CIS Controls, and OWASP
          • Understanding of healthcare compliance requirements (HIPAA, HITRUST)
          • Experience with security scanning tools, SASTDAST, and vulnerability management platforms
            • Preferred Qualifications

              • Cloud security certifications (AWS Security Specialty, Azure Security Engineer, CCSP, or similar)
              • Security certifications (CISSP, GSEC, CEH, or similar)
              • Experience in healthcare technology or regulated industries
              • Familiarity with CICD platforms (Jenkins, GitLab, GitHub Actions, Azure DevOps)
              • Knowledge of scripting languages (Python, PowerShell, Bash)
              • Experience with security orchestration and automation (SOAR) tools
              • Understanding of network security, encryption, and identity management in cloud environments

                • Expectations

                  • Design and implement robust cloud security solutions that protect sensitive healthcare data
                  • Integrate security seamlessly into development and deployment processes
                  • Maintain security best practices while enabling business agility and innovation
                  • Collaborate effectively with engineering, DevOps, and IT teams
                  • Stay current with evolving cloud security threats and emerging technologies
                  • Balance security requirements with operational efficiency and development velocity
                  • Provide technical leadership and guidance on security architecture decisions
                    • Success Criteria for the First 3 Months

                      Understanding the Environment

                      • Gain comprehensive knowledge of Machinifys current cloud infrastructure and security tooling across all four legacy companies
                      • Understand the technical architecture, data flows, and integration points between systems
                      • Learn existing DevSecOps processes and identify opportunities for improvement
                        • Building Relationships

                          • Establish collaborative relationships with engineering, DevOps, and IT teams
                          • Build effective communication with cloud architects and platform teams
                          • Actively participate in architecture reviews and security design discussions
                          • Begin implementing security improvements with engineering team guidance
                            • Technical Assessment and Planning

                              • Complete security assessment of current cloud environments and identify priority security gaps
                              • Successfully implement assigned security automation projects with minimal guidance
                              • Develop efficient workflows for routine security tasks and monitoring
                                • Feedback and Growth

                                  • Incorporate feedback from technical teams to improve security implementations
                                  • Demonstrate ability to balance security requirements with development needs
                                    • Confidence and Comfort

                                      • Gain confidence in cloud security tool configuration and security architecture reviews
                                      • Become comfortable with compliance requirements and technical documentation processes

                                        • Success Criteria for the First Year

                                          Technical Mastery

                                          • Demonstrate expertise in cloud security and become the goto resource for DevSecOps and security architecture questions
                                          • Successfully lead complex security implementations and cloud security projects
                                          • Establish security standards and best practices across all development teams
                                            • Building Technical Leadership

                                              • Become a trusted security advisor to engineering and platform teams
                                              • Effectively influence security decisions across multiple technology platforms
                                              • Drive security automation initiatives that improve overall security posture
                                                • Greater Technical Responsibility

                                                  • Take ownership of cloud security strategy and implementation across the organization
                                                  • Lead security architecture reviews for major platform initiatives and integrations
                                                  • Contribute to technology decisions based on security requirements and risk analysis
                                                    • Career Progression and Development

                                                      • Obtain relevant cloud security or advanced security certifications
                                                      • Share knowledge and mentor engineering teams on security best practices
                                                      • Contribute to platform consolidation efforts through security expertise and technical leadership
                                                        • Recognition and Technical Impact

                                                          • Become a reliable resource for complex security challenges and a key contributor to platform security
                                                          • Demonstrate technical leadership in security initiatives and cloud transformation projects
                                                          • Receive recognition from engineering teams for enabling secure, efficient development practices
                                                            • Pay range: $150,000 $200,000

                                                              This is an exempt position. For Salary positions only: The salary range is for Base Salary. Compensation will be determined based on several factors including, but not limited to, skill set, years of experience, and the employees geographic location.

                                                              What’s in it for you

                                                              • PTO, Paid Holidays, and Volunteer Days
                                                              • Eligibility for health, vision and dental coverage, 401(k) plan participation with company match, and flexible spending accounts
                                                              • Tuition Reimbursement
                                                              • Eligibility for companypaid benefits including life insurance, shortterm disability, and parental leave.
                                                              • Remote and hybrid work options
                                                                • What values we’ll share with you

                                                                  • Ask why
                                                                  • Think big
                                                                  • Be humble
                                                                  • Optimize for customer impact
                                                                  • Deliver results

                                                                    • At Machinify, we’re reimagining a simpler way forward. This begins with our employees. We are innovators who value integrity, teamwork, accuracy, and flexibility. We do the right thing, and we listen to the needs of our clients and their members. As tenured experts with unmatched experience, we champion diverse perspectives that help us to better understand and serve our clients.

                                                                      Our values come to life through our culture. We embrace flexible working arrangements that allow our employees to bring innovation to life in the way that best suits their productivity. We work crossfunctionally, abandoning silos, to bring innovative and accurate solutions to market. We invest in each other through ongoing education and team celebrations, and we give back to our communities through dedicating days for volunteering. Together, Machinify is making healthcare work better for everyone, and we’re passionate about a future with better outcomes for all.

                                                                      We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace. Machinify is an employment at will employer. We participate in EVerify as required by applicable law. In accordance with applicable state laws, we do not inquire about salary history during the recruitment process. If you require a reasonable accommodation to complete any part of the application or recruitment process, please contact our People Operations team at peopleoperations@rawlingscompany.com. See our Candidate Privacy Notice at: https:www.machinify.comcandidateprivacynotice

                                                                      #INDHP

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Insurance
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Mentorship
  • Collaboration
  • Communication
  • Problem Solving

DevSecOps Engineer Related jobs