Logo for Alto Pharmacy

Staff DevSecOps Engineer - FuzeRx

Role overview

Qualifications

  • 14+ years of experience in software engineering, infrastructure engineering, or security engineering, with significant experience in DevSecOps environments.
  • Deep expertise in cloud security architecture (AWS and/or GCP).
  • Hands-on experience with CI/CD systems (GitHub Actions, GitLab CI, CircleCI, Jenkins, etc.).
  • Expertise in infrastructure-as-code (Terraform, CloudFormation) and securing IaC pipelines.

Responsibilities

  • Define and lead the DevSecOps vision and roadmap across infrastructure, application, and CI/CD ecosystems.
  • Architect secure-by-design cloud-native systems across AWS/GCP environments and establish security patterns, guardrails, and reference architectures.
  • Embed security controls into CI/CD pipelines and developer workflows; automate security testing and compliance checks; implement policy-as-code and automated governance controls.
  • Lead IAM strategy and least-privilege enforcement, strengthen container and Kubernetes security, and oversee secrets management and encryption standards; partner on audits, incident response, and risk remediation.

About the company

Alto Pharmacy logo

Alto Pharmacy

Alto is America’s leading digital pharmacy, transforming a $500 billion industry. Founded in 2015, Alto’s better pharmacy model is centered on the critical role of pharmacists as the final link in a person’s health journey. Alto combines expert pharmacist care with purpose-built technology to deliver a more convenient and affordable experience for those who need medication. To date, Alto has fulfilled more than three million prescriptions, expanded to twelve markets, and built a mobile app experience that makes it easier than ever to manage medications and chat with a pharmacist. As Alto continues its rapid growth, it remains customer obsessed, with an industry-leading NPS score of 86.

Company details

Company typeSME
Company size501 - 1000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Job Summary
 

At Fuze Health, we put patients first and tirelessly address the most pressing needs in healthcare. We empower millions to digitally connect with care providers, essential health resources and needed treatments – and enable care providers, employers, health plans and life sciences companies to meaningfully enhance quality, outcomes and value. We are dedicated to helping our partners evolve and modernize to meet emerging patient and marketplace needs.

Fuze Health’s foundation is built upon the strategic combination of several proven, technology-powered innovators in the digital health, diagnostics, and pharmacy sectors. Our growing portfolio brings together the capabilities of industry leaders including LetsGetChecked, Truepill, and Alto Pharmacy, to create a distinctive, unified force in healthcare. Together, we have the shared vision, advanced capabilities and talented teams to deliver next-generation solutions that patients and healthcare partners need today and into the future.





Job Description
Alto Pharmacy (Fuze Health) is seeking a Staff DevSecOps Engineer to join our Engineering organization. As a full-service pharmacy operating nationally across mail-order and physical pharmacy locations, we build and operate highly reliable, secure, and compliant systems that directly impact patient health and safety.
In this role, you will operate as a senior technical leader responsible for embedding security deeply into our engineering lifecycle. You will define DevSecOps strategy, elevate our cloud and application security posture, and partner cross-functionally to ensure Alto’s platform is secure, scalable, compliant, and resilient as we grow nationwide.
This is a hands-on technical leadership role for someone who thrives in complex, regulated environments and wants to shape security architecture at scale.



Job Description
 

Key Responsibilities

Technical Strategy & Architecture

  • Define and lead the DevSecOps vision and roadmap across infrastructure, application, and CI/CD ecosystems.

  • Architect secure-by-design cloud-native systems across AWS/GCP environments.

  • Establish security patterns, guardrails, and reference architectures for engineering teams.

  • Evaluate and implement modern security tooling across SAST, DAST, SCA, container scanning, IaC scanning, and runtime protection.

Secure SDLC & Automation

  • Embed security controls into CI/CD pipelines and developer workflows.

  • Drive infrastructure-as-code security best practices (Terraform, CloudFormation, etc.).

  • Automate security testing and compliance checks to reduce manual overhead.

  • Implement policy-as-code and automated governance controls.

Cloud & Infrastructure Security

  • Lead identity and access management (IAM) strategy and least-privilege enforcement.

  • Strengthen container and Kubernetes security posture.

  • Oversee secrets management, encryption standards, and key management processes.

  • Partner with infrastructure teams on network segmentation, zero-trust architectures, and environment isolation.
     

Risk, Compliance & Incident Response

  • Support and mature Alto’s security program in alignment with HIPAA, SOC 2, HITRUST, and other healthcare regulatory frameworks.

  • Conduct threat modeling, security design reviews, and architecture risk assessments.

  • Partner with Security and Compliance teams on audits and remediation efforts.

  • Provide senior-level leadership during security incidents, including root cause analysis and long-term mitigation planning.

Technical Leadership

  • Mentor senior and mid-level engineers on secure coding and DevSecOps practices.

  • Influence engineering leadership and executive stakeholders on security strategy and risk prioritization.

  • Drive cross-functional alignment across Engineering, Product, IT, and Compliance.

  • Raise the overall security maturity of the organization through scalable frameworks and standards.

Required Experience & Qualifications

Minimum Qualifications:

  • 14+ years of experience in software engineering, infrastructure engineering, or security engineering, with significant experience in DevSecOps environments.

  • Deep expertise in cloud security architecture (AWS and/or GCP).

  • Strong experience securing containerized and Kubernetes-based environments.

  • Hands-on experience with CI/CD systems (GitHub Actions, GitLab CI, CircleCI, Jenkins, etc.).

  • Expertise in infrastructure-as-code (Terraform, CloudFormation) and securing IaC pipelines.

  • Strong knowledge of application security principles, OWASP Top 10, and secure coding practices.

  • Experience implementing and scaling SAST, DAST, SCA, container scanning, and secrets detection tools.

  • Deep understanding of IAM, RBAC, zero-trust models, and encryption best practices.

  • Experience operating in regulated environments (HIPAA, SOC 2, HITRUST, PCI, etc.).

  • Strong scripting or programming skills (Python, Go, Ruby, or similar).

  • Demonstrated ability to influence architectural decisions at a Staff or Principal level.

Preferred Qualifications: 

  • Experience in healthcare, pharmacy, fintech, or other highly regulated industries.

  • Experience building DevSecOps programs from early-stage to scale.

  • Background in site reliability engineering (SRE) or platform engineering.

  • Security certifications such as CISSP, CISM, CCSP, or cloud security certifications (AWS/GCP).

  • Experience implementing threat modeling frameworks (STRIDE, PASTA, etc.).

  • Experience with observability platforms and integrating security telemetry into monitoring systems.



Additional Information
 

Additional Physical Job Requirements

Physical requirements for this role include the ability to work at a computer terminal with monitor, keyboard and mouse for extended periods of time, stoop, bend, and reach for equipment and supplies, make frequent repetitive motions required to operate a computer that include the wrists, hands and fingers, and lift, carry, push, pull, and move light objects up to 20 pounds. The role also requires the ability to effectively communicate through verbal interactions, discern auditory information, and visually perceive details to perform essential job functions.

Consistent with the Americans with Disabilities Act (ADA) and similar applicable state laws, it is Fuze Health’s policy to provide reasonable accommodation to enable qualified individuals with disabilities to perform essential job functions, unless such accommodation would cause an undue hardship.

Salary and Benefits 

Salary Range: $166,00 - $200,000

Commission Eligible: No

Travel: No - Required up to 0% of the time  

Location Requirement: Alto is limited to individuals residing in the following states: Arizona, Arkansas, California, Colorado, Florida, Kansas, Maryland, Missouri, Nevada, New Jersey, New York, North Carolina, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Washington (WA), and Wisconsin.

Employment Authorization Requirement: Applicants must be authorized to work for any employer in the U.S. 

Benefits: Full-time employee benefits include: dental, vision, and multiple group medical plans to choose from, a 401(k) retirement savings plan, group life insurance, accidental death and dismemberment (AD&D) insurance, flexible spending account (FSA) and health savings account (HSA), commuter benefits, employer-paid short-term (STD) and long-term disability (LTD) insurance, and additional supplemental insurance plans (spouse life insurance, legal insurance, an employee assistance program, home health testing kits, and a fertility medication discount program). Employees are also provided flexible vacation time, accrued paid sick time, 10 paid holidays, (2 floating holidays for full time non-exempt employees) , and eight weeks of paid parental leave for eligible employees, additional paid weeks for the birthing parent, 4 weeks paid caregiver leave, and a Lifestyle Spending Account allowance each month.

More Benefits Information Here: Fuze Health Benefits Site 


 

Application deadline: March 15, 2026

#LI-Remote 

Fuze Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, gender identity, sexual orientation, age, disability, veteran status, or any other legally protected basis. If you have a disability and require reasonable accommodation during any portion of the application or hiring process, please contact us at talent@fuzehealth.com.


Fuze Health considers qualified applicants with arrest or conviction records for employment and conducts background checks consistent with applicable law, including the California, Los Angeles County, San Francisco, Philadelphia, and New York City Fair Chance laws. We are an E-Verify participating company.


Fuze Health recruiters and hiring managers may use automated decision-making tools to assist with identifying candidates who match the stated job requirements, and to what extent. These tools are designed to help ensure fairness in all aspects of the hiring process by providing recruiters and hiring managers with data-backed insights based on information provided in your resume, including work experience, education, and other skills. If you have any questions or would like to request an alternative process, please contact us at talent@fuzehealth.com. To learn about Fuze Health’s privacy practices including compliance with applicable privacy laws, please click here.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

DevSecOps Engineer Related jobs

Other jobs at Alto Pharmacy

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.