Principal Cloud Development Operations Engineer

Job Description

Description

The Cloud Development Operations Lead (SDLC & CI/CD Controls) embeds security directly into DeepHealth’s software delivery lifecycle by implementing and operating automated security controls in CI/CD pipelines and developer workflows. The role focuses on repeatable guardrails—so security is built in from design through production—while keeping delivery fast, measurable, and audit-ready.

Job Summary

The Cloud Development Operations Lead (SDLC & CI/CD Controls) embeds security directly into DeepHealth’s software delivery lifecycle by implementing and operating automated security controls in CI/CD pipelines and developer workflows. The role focuses on repeatable guardrails—so security is built in from design through production—while keeping delivery fast, measurable, and audit-ready.

Essential Duties and Responsibilities

·       Embed security tooling into CI/CD (SAST, SCA, secrets scanning, IaC scanning, container scanning) using standardized pipeline patterns and reusable templates.

·       Define practical release gating rules that prevent high-risk defects from shipping while supporting documented exception workflows when needed.

·       Partner with engineering teams to operationalize secure coding practices and reduce recurring findings (OWASP Top 10 classes).

CI/CD Pipeline Hardening & Automation

·       Build and maintain automation/scripts to support security checks, artifact integrity, pipeline hygiene, and evidence generation.

·       Reduce credential and secrets exposure across build and deployment workflows in partnership with platform/DevOps owners.

·       Tune security tooling to minimize noise and maintain acceptable pipeline performance (avoid security checks becoming bottlenecks).

Vulnerability Management Workflow (Engineering-Usable)

·       Triaging and prioritizing application and pipeline findings with product/engineering owners; validate remediation and closure.

·       Implement service-level expectations for critical/high findings and track aging, exceptions, and trends for leadership reporting.

Security Standards, Threat Modeling & Enablement

·       Support lightweight threat modeling for new features and major changes; translate risk into actionable engineering requirements.

·       Act as a security champion within engineering teams—coaching, pairing on fixes, and raising baseline maturity without slowing delivery.

PLEASE NOTE: This is not an exhaustive list of all duties, responsibilities and requirements of the position described above.  Other functions may be assigned, and management retains the right to add or change duties at any time.

Minimum Qualifications, Education and Experience

·        10+ years in DevOps, platform engineering, application security, or software engineering with hands-on CI/CD responsibility.

·        Demonstrated experience integrating security tooling into pipelines and tuning for practical developer use.

·        Strong written/verbal communication; able to translate security requirements into usable engineering workflows.

Technical Skill Set (Required)

CI/CD & Engineering Systems (Hands-On)

·        Experience with CI/CD tooling such as GitHub Actions, GitLab CI/CD, Jenkins, or Azure DevOps.

·        Experience implementing policy/gating in pipelines and maintaining secure branch/release controls.

Scripting / Automation

·        Proficiency with Python, Bash, PowerShell, or equivalent scripting for automation and reporting.

·        Comfort working with APIs to integrate tools and export evidence/metrics.

Application Security Fundamentals

·        Strong understanding of common application security risks and secure coding patterns (e.g., OWASP Top 10).

IaC / Container Awareness

·        Familiarity with Infrastructure-as-Code and container build/deploy security practices (Terraform/CloudFormation/Bicep; Docker/Kubernetes).

Preferred Qualifications

·        Experience operating in regulated environments (PHI/PII) with audit/evidence expectations (HIPAA-aligned safeguards, SOC2/ISO-style controls).

·        Familiarity with common DevSecOps/AppSec tools (e.g., Semgrep, SonarQube, Snyk, Trivy, Prisma/Defender—tooling may vary).

·        Security or cloud certifications (nice-to-have): Security+, AWS/Azure/GCP security-focused credentials, or equivalent experience.

Quality Standards

·       Communicates, cooperates, and consistently functions professionally and harmoniously with all levels of supervision, co-workers, visitors, and vendors.

·       Demonstrates initiative, personal awareness, professionalism and integrity, and exercises confidentiality in all areas of performance.

·       Follows all local, regional and country laws concerning employment.

·       Follows all DeepHealth policies and procedures.

·       Follows data privacy, compliance, safety and confidentiality standards at all times.

·       Practices universal safety precautions.

·       Promotes good public relations on the phone and in person.

·       Adapts and is willing to learn new tasks, methods, and systems.

·       Reports to work regularly as scheduled; consistently punctual with respect to working hours, meal and rest breaks, and maintains satisfactory personal attendance in accordance with DeepHealth guidelines.

·       Completes job responsibilities in a quality and timely manner.

Physical Demands

This position often requires sitting, standing, walking, bending, twisting, reaching with hands and arms, using hands and fingers, handling, or feeling, speaking, listening, and high-level cognitive thinking. Also, must be able to lift up to 10 pounds occasionally.

Travel

This position requires domestic / international travel up to 10%.

The position requires the ability drive a vehicle and utilize other forms of transportation.

Working Environment

Remote

Accommodations

Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of the job.

Requirements

Minimum Qualifications, Education and Experience

·        3+ years in DevOps, platform engineering, application security, or software engineering with hands-on CI/CD responsibility.

·        Demonstrated experience integrating security tooling into pipelines and tuning for practical developer use.

·        Strong written/verbal communication; able to translate security requirements into usable engineering workflows.

Technical Skill Set (Required)

CI/CD & Engineering Systems (Hands-On)

·        Experience with CI/CD tooling such as GitHub Actions, GitLab CI/CD, Jenkins, or Azure DevOps.

·        Experience implementing policy/gating in pipelines and maintaining secure branch/release controls.

Scripting / Automation

·        Proficiency with Python, Bash, PowerShell, or equivalent scripting for automation and reporting.

·        Comfort working with APIs to integrate tools and export evidence/metrics.

Application Security Fundamentals

·        Strong understanding of common application security risks and secure coding patterns (e.g., OWASP Top 10).

IaC / Container Awareness

·        Familiarity with Infrastructure-as-Code and container build/deploy security practices (Terraform/CloudFormation/Bicep; Docker/Kubernetes).

Preferred Qualifications

·        Experience operating in regulated environments (PHI/PII) with audit/evidence expectations (HIPAA-aligned safeguards, SOC2/ISO-style controls).

·        Familiarity with common DevSecOps/AppSec tools (e.g., Semgrep, SonarQube, Snyk, Trivy, Prisma/Defender—tooling may vary).

·        Security or cloud certifications (nice-to-have): Security+, AWS/Azure/GCP security-focused credentials, or equivalent experience.