Principal Cloud Dev Ops Engine

DeepHealth
Somerville, MA
Job Description:

Job Summary

The Principal Cloud Development Operations Engineer (SDLC & CI/CD Controls) defines and leads DeepHealth’s enterprise DevSecOps strategy, serving as the organizational authority on pipeline security and secure software delivery. The role drives the design, governance, and continuous improvement of automated security controls across all CI/CD pipelines and developer workflows—ensuring security is built in from design through production while enabling delivery that is fast, measurable, and audit-ready at scale.

Essential Duties and Responsibilities

  • Define and own the enterprise DevSecOps toolchain strategy; architect standardized pipeline security frameworks—covering SAST, SCA, secrets scanning, IaC scanning, and container scanning—adopted across all engineering teams.
  • Establish and govern enterprise release security standards and gating policies across the software delivery organization; lead exception governance and risk acceptance frameworks at the program level.
  • Drive organization-wide adoption of secure development standards; influence engineering leadership on secure-by-default practices and set measurable risk reduction goals tied to business objectives.

CI/CD Pipeline Hardening & Automation

  • Architect and lead the development of enterprise-grade automation frameworks for pipeline security checks, artifact integrity, pipeline hygiene, and audit evidence generation; define reusable standards adopted across the engineering organization.
  • Define and enforce secrets management standards and credential exposure reduction strategies across the entire build and deployment ecosystem; partner with platform leadership to drive enterprise-wide adoption.
  • Establish tooling performance standards and quality criteria for security controls across all pipelines; lead continuous improvement of the security toolchain to optimize the balance between risk coverage and developer velocity.

Vulnerability Management Workflow (Engineering-Usable)

  • Define and own the enterprise vulnerability risk management framework; lead cross-functional prioritization of findings with product, engineering, and compliance stakeholders, driving systemic remediation strategies.
  • Establish and own vulnerability SLA standards and exception governance policies; provide executive-level reporting on risk posture, aging trends, and program-wide effectiveness to senior leadership.

Security Standards, Threat Modeling & Enablement

  • Lead and advance DeepHealth’s threat modeling methodology; define organizational standards for security risk assessment and translate complex threat landscapes into strategic engineering priorities.
  • Establish and lead the organization’s security champions program; define the DevSecOps maturity roadmap and drive measurable, sustained improvement in security culture across all engineering teams.

PLEASE NOTE: This is not an exhaustive list of all duties, responsibilities and requirements of the position described above. Other functions may be assigned, and management retains the right to add or change duties at any time.

Minimum Qualifications, Education and Experience

  • Bachelor’s degree in engineering or related field or equivalent experience required.
  • 12+ years in DevOps, platform engineering, application security, or software engineering with hands-on CI/CD responsibility required.
  • Demonstrated record of designing and leading enterprise DevSecOps programs, including toolchain strategy, pipeline security architecture, and cross-organizational adoption at scale.
  • Exceptional communication and influence skills; demonstrated ability to drive strategic alignment on DevSecOps programs across engineering, product, and executive stakeholders.

Technical Skill Set (Required)

CI/CD & Engineering Systems (Hands-On)

  • Deep expertise in CI/CD platforms (GitHub Actions, GitLab CI/CD, Jenkins, Azure DevOps); able to architect multi-platform pipeline strategies and evaluate emerging tooling at an organizational level.
  • Expertise in designing and governing enterprise-scale pipeline policy frameworks, release controls, and branch protection standards; defines organizational standards adopted across teams.

Scripting / Automation

  • Advanced proficiency in Python, Bash, PowerShell, or equivalent; designs automation architectures and reusable frameworks adopted across the engineering organization.
  • Expert-level API integration capability; architects toolchain integrations and metrics platforms to support program-wide reporting and continuous compliance evidence generation.

Application Security Fundamentals

  • Expert knowledge of application security risks, attack vectors, and secure development patterns; contributes to and influences internal security standards and industry frameworks (OWASP, NIST, CIS).

IaC / Container Awareness

  • Deep expertise in IaC and container security architecture (Terraform, CloudFormation, Bicep; Docker, Kubernetes); defines organizational standards for supply chain integrity, image scanning, and runtime security controls.

Preferred Qualifications

  • Demonstrated program leadership in regulated environments (PHI/PII); authored or significantly contributed to enterprise HIPAA, SOC2, or ISO 27001 compliance programs with direct audit and evidence ownership.
  • Expert-level knowledge across the DevSecOps/AppSec toolchain (Semgrep, SonarQube, Snyk, Trivy, Prisma/Defender); experience leading enterprise-scale tooling evaluation, selection, and onboarding programs.
  • Advanced security certifications strongly preferred (CISSP, CSSLP, AWS Security Specialty, or equivalent); thought leadership through published work, conference presentations, or open-source contributions is a strong differentiator.

Quality Standards

  • Communicates, cooperates, and consistently functions professionally and harmoniously with all levels of supervision, co-workers, visitors, and vendors.
  • Demonstrates initiative, personal awareness, professionalism and integrity, and exercises confidentiality in all areas of performance.
  • Follows all local, regional and country laws concerning employment.
  • Follows all DeepHealth policies and procedures.
  • Follows data privacy, compliance, safety and confidentiality standards at all times.
  • Practices universal safety precautions.
  • Promotes good public relations on the phone and in person.
  • Adapts and is willing to learn new tasks, methods, and systems.
  • Reports to work regularly as scheduled; consistently punctual with respect to working hours, meal and rest breaks, and maintains satisfactory personal attendance in accordance with DeepHealth guidelines.
  • Completes job responsibilities in a quality and timely manner.

Physical Demands

This position often requires sitting, standing, walking, bending, twisting, reaching with hands and arms, using hands and fingers, handling, or feeling, speaking, listening, and high-level cognitive thinking. Also, must be able to lift up to 10 pounds occasionally.

Travel

This position requires domestic / international travel up to 10%.

Working Environment

Remote

Salary: $200,000 - $230,000

Pay Range: USD $200,000.00 - USD $230,000.00 /Yr.
Posted 2026-04-15
