DevSecOps Engineer

💰 $115k-$135k
🔧 DevOps🔵 Mid-level

Job description

DevSecOps Engineer

Title: DevSecOps Engineer

Department: Engineering

Reports to: VP of Engineering

Location: Fully Remote (U.S.)

Who We Are:

SureCost is the leading provider of pharmacy purchasing and inventory management solutions. Our SaaS platform empowers pharmacies across the nation to streamline their operations, reduce costs, and stay compliant in an increasingly complex and competitive landscape. We are committed to delivering innovative solutions to pharmacies so they can simplify their daily activities and focus on providing the best patient care possible. If you’re looking for a role where you can make a meaningful impact in communities across the country, all while earning a competitive salary, you’ve come to the right place.

At SureCost, we think work/life balance should have, well, balance. With team members across the United States, we value the freedom of fully remote work, flex hours, and unlimited PTO.

What You’ll Do:

As the first dedicated DevSecOps Engineer at SureCost, you’ll play a pivotal role in securing, monitoring, and scaling our cloud infrastructure. You’ll be responsible for building and maintaining a robust security posture, designing automation to reduce manual work, and ensuring that security is embedded across the software development lifecycle. Collaborating closely with engineering, product, and operations teams, you’ll own key processes like CI/CD, observability, and incident response, while driving a culture of security awareness throughout the organization. Reporting to our engineering leadership, your expertise in DevOps, cloud infrastructure, and security will be critical to ensuring reliability, resilience, and trust at scale. With your technical capabilities and forward-looking mindset, you’ll have a direct and meaningful impact on SureCost’s security, performance, and long-term growth.

  • Maintain and improve our security posture by implementing and monitoring necessary security controls
  • Design, implement, and maintain CI/CD pipelines using GitLab CI/CD
  • Develop and manage AWS infrastructure using Infrastructure as Code (Terraform)
  • Automate deployment, monitoring, and management processes to reduce manual intervention
  • Manage and mitigate supply chain risks by monitoring third-party components and dependencies, leveraging tools like Snyk
  • Implement and maintain monitoring and observability solutions (DataDog, Prometheus, Grafana) to ensure system health and performance
  • Partner with development and product teams to integrate security throughout the SDLC
  • Own incident response processes, including detection, triage, and resolution of security events
  • Serve as the security champion within the organization, driving a culture of security awareness
  • Research and evaluate new tools and processes to continuously improve security and operational efficiency

What You’ll Need:

  • Education & Experience:

    • 3+ years of experience in DevOps, SecOps, or related roles

    • Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent experience)

  • Technical Skills:

    • Expertise with AWS services (EC2, S3, RDS, Lambda, VPC) and security best practices

    • Experience with Infrastructure as Code (Terraform)

    • Familiarity with containerization and orchestration (Docker; Kubernetes or Nomad a plus)

  • Proficiency with CI/CD pipelines (GitLab preferred)

  • Hands-on experience with monitoring, logging, and alerting tools (DataDog, Prometheus, Grafana)

  • Experience with security scanning tools (Snyk, Dependabot, or similar)

  • Strong knowledge of security principles, identity and access management, and compliance frameworks (SOC 2)

  • Experience with secrets management and access control systems (e.g., Vault, AWS IAM)

  • Strong troubleshooting and problem-solving skills

  • Soft Skills:

    • Excellent communication skills and ability to work cross-functionally

    • Proactive, curious, and able to work independently as a security leader

A Huge Plus If You Have:

  • Experience with FreeIPA or other enterprise identity management solutions
  • Experience with HAProxy or other load-balancing technologies
  • Familiarity with SOC 2 and HIPAA compliance requirements
  • Background in healthcare or pharmacy SaaS environments

Perks and Benefits:

We are proud to offer generous benefits including:

  • Fully Remote work environment
  • Unlimited PTO (Highly suggested 3-week minimum)
  • Flexible Hours to fit your work-life balance
  • 100% healthcare premiums covered for employees
  • 70% healthcare premiums covered for dependents
  • Low-cost vision and dental coverage for employees
  • Automatic 3% employer contribution to 401k
  • 12 weeks of fully paid parental leave
  • Technology stipend to cover the equipment you need to set up your home office
  • Professional development reimbursement to support continued learning

The estimated base salary range for this role is $115,000-135,000/year in addition to an annual bonus based on individual and company performance. The estimated salary range reflects an anticipated range for this position. The actual base salary offered may depend on a variety of factors, including the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, business needs, geographic market, and often a combination of all of these factors. The actual base salary offered will be in accordance with state or local minimum wage requirements for the job location.

Please note: SureCost is currently hiring only in the following states: California, Colorado, Florida, Georgia, Illinois, Louisiana, Maryland, Nevada, New Hampshire, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Rhode Island, Tennessee, Texas, Utah, Virginia, Washington and Wisconsin. Candidates must reside in one of these states to be considered for this position.

SureCost is an equal opportunity employer, dedicated to a policy of non-discrimination on the basis of race, color, religion, sex, national origin, ancestry, age, disability or any other characteristic protected by law.

We are required by federal law to verify the identity and employment eligibility of all persons hired to work in the United States. We participate in E-Verify (Employment Verification). We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with the information from each new employee’s Form I-9 to confirm work authorization.

Please be advised that, if selected for this position, a background check will be conducted as a condition of employment upon acceptance of a contingent job offer.

Share this job:
Please let SureCost know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at SureCost

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply