DevSecOps Engineer

Role Overview:

We are looking for a DevOps Engineer to strengthen our clients security-first infrastructure and drive their technology platform forward. You will be responsible for implementing and maintaining robust Infrastructure as Code (IaaC) solutions while ensuring compliance with ISO27001 and medical device regulations.

In this role, you will architect and maintain our cloud infrastructure on Azure, focusing on security, scalability, and automation. This includes managing our CI/CD pipelines, implementing comprehensive monitoring solutions, and ensuring our infrastructure meets the highest security standards. You'll work closely with our engineering team to implement DevSecOps practices and maintain our SaaS platform's reliability and performance.

A key focus will be on strengthening our security posture through automated compliance checks, regular security audits, and infrastructure hardening. You'll also be responsible for implementing and maintaining disaster recovery solutions, managing access controls, and ensuring our infrastructure aligns with healthcare data protection requirements.

As an early member of our growing team, you'll have the opportunity to shape our DevOps culture and practices. You'll collaborate with our engineering team to establish best practices for infrastructure management, security protocols, and deployment strategies. Your expertise in startup environments and medical technology will be crucial in building scalable, compliant solutions that support our rapid growth while maintaining the highest standards of security and reliability.

Key Responsibilities:

• Design and implement secure cloud infrastructure using Infrastructure as Code principles
• Establish and maintain security controls and monitoring systems aligned with ISO27001 requirements
• Build and maintain CI/CD pipelines with integrated security testing and compliance checks
• Implement automated security scanning and vulnerability management processes
• Develop and maintain disaster recovery and backup solutions for critical systems
• Configure and manage secure cloud environments in Azure, focusing on Web Apps and Functions
• Implement logging, monitoring, and alerting solutions for security events and system health
• Automate compliance checks and documentation for ISO27001 and ISO13485 requirements
• Collaborate with development teams to implement security best practices and DevSecOps processes
• Manage and maintain security protocols for handling sensitive healthcare data

Required Qualifications:

• Strong experience with Infrastructure as Code using Terraform and Azure ARM templates
• Expertise in containerization technologies (Docker, Kubernetes) and container security
• Experience implementing CI/CD pipelines using GitHub Actions with integrated security scanning (Snyk, SonarQube)
• Experience of Azure Web Apps and Azure Functions
• Deep understanding of cloud security best practices and implementing Zero Trust architecture
• Experience with healthcare compliance requirements (ISO27001, ISO13485, HIPAA) and security controls
• Proven track record implementing automated security testing and vulnerability management
• Strong knowledge of monitoring and observability tools (Azure Monitor, Application Insights)
• Experience implementing secure networking and identity management solutions in Azure
• Strong communication skills with ability to collaborate on security requirements across teams
• Track record of building secure and compliant DevOps practices

Desired Skills

• Experience with quality management systems in medical device software development
• Experience of penetration testing
• Background in implementing Agile methodologies
• Experience of startup environments