Principal DevSecOps Engineer

What You'll Do:

• Level-Up Our CI/CD: Improve GitHub Actions pipelines to improve build speed, consistency, and visibility across teams.
• Architect and Automate Infrastructure: Design and evolve our AWS infrastructure using Terraform and modern IaC best practices.
• Own Observability: Improve logging, metrics, tracing, and alerting across services (Datadog, etc.) to ensure systems are understandable, debuggable, and transparent.
• Lead Security Practices: Define and enforce best practices for cloud and application security; partner with engineering to embed security into our development lifecycle.
• Support Compliance: Partner with compliance and leadership to ensure HIPAA and SOC 2 Type II readiness, including evidence generation and audit support.
• Be the SME: Serve as the go-to expert for all things DevOps, platform security, and cloud infrastructure.
• Set Direction: Collaborate with engineering and product leadership to define technical strategy, roadmap, and investments in platform reliability and security.

About You:

• 8+ years of experience in DevOps, SRE, platform, or security engineering roles
• Deep hands-on experience with:


• AWS core services (EC2, RDS, ECS/EKS, IAM, etc.)
• Infrastructure as code (Terraform or equivalent)
• CI/CD pipelines (GitHub Actions preferred)
• Kubernetes or equivalent container orchestration tools


• Strong grasp of infrastructure and application security practices
• Experience supporting regulated environments (HIPAA, SOC 2, HITRUST, etc.)
• Clear, effective communicator - both written and verbal
• Comfortable working cross-functionally and leading by influence
• Biased toward action, pragmatism, and simplicity
• Proven success in high-autonomy, small-team, or startup environments