DevSecOps Engineer

Description

Who We Are 

OMNY is a real world data exchange platform that enables health systems and specialty networks to share their de-identified data sets with external parties at scale. The company’s vision is to help sustain the healthcare ecosystem through a data driven business model, while unlocking incredible innovation in the life sciences industry with real world data from health systems. The OMNY platform ensures control, security, and data governance for both data sellers and data buyers. We are eager to onboard professionals who are prepared to innovate and redefine the standards of data sharing and utilization. Join us if you are ready to take on significant challenges and contribute to our continuous success!

What We're Looking For

As a DevSecOps Engineer at OMNY, you will integrate security at every phase of software development to enhance our infrastructure and applications across healthcare-focused platforms. This role requires proactive engagement in a variety of projects, including the development of security infrastructure, continuous monitoring and defense against emerging threats, and ongoing refinement of our security practices to align with compliance standards.

Your responsibilities will involve the holistic identification, preparation, and mitigation of potential security threats to OMNY's IT systems and software architecture. You will serve as a pivotal advisor to management on IT policies within the healthcare sector and oversee the performance enhancement of our security frameworks. We seek a candidate who is deeply committed to building secure system foundations and possesses substantial experience in security, networking, and protocol management.

Key Responsibilities: 

• Integrate security measures with DevOps practices, enhancing the security posture of our applications and infrastructure.
• Develop and maintain security automation and monitoring to quickly detect and respond to threats.
• Perform thorough security assessments and penetration testing, identify vulnerabilities, and ensure timely remediation.
• Collaborate with development teams to advocate secure coding practices and implement security measures throughout the software development and deployment processes.
• Manage security tools and implement necessary updates and patches to mitigate risk.
• Support enterprise security goals, including SOC, HITRUST, and others relevant to healthcare data security.
• Participate in the development and enforcement of security policies and procedures.
• Support incident response and forensic analysis activities.
• Stay up-to-date on emerging cybersecurity threats and technologies, and recommend proactive measures to mitigate risks.
• Take ownership of IAM (Identity and Access Management) policies in our cloud infrastructure, ensuring they are aligned with best practices and compliance standards.

Preferred Qualifications

• Proficiency in one or more programming languages (Go, C#, Java, etc…).
• Certifications such as Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP).

Requirements

Requirements and Qualifications: 

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
• 5+ years of experience in operations / cybersecurity roles.
• Strong technical background in systems architecture, DevOps, and security.
• Experience with CI/CD tools, containerization technologies, and cloud services (AWS, GCP, Azure).
• Proficient in scripting languages such as Bash, Python, or PowerShell.
• Familiarity with security frameworks (NIST, ISO 27001, PCI DSS) and compliance regulations.
• Strong understanding of fundamental TCP/IP and related network services (e.g. DNS, NTP, SNMP, SMTP, etc.) and network security design concepts.
• Experience with security tools such as vulnerability scanners, intrusion detection/prevention systems (IDS/IPS), and SIEM solutions.
• Strong problem-solving skills and ability to communicate technical concepts effectively.
• Excellent verbal and written communication skills.
• Experience with Kubernetes or Infrastructure as Code (Terraform, Ansible).
• Ability to manage multiple projects simultaneously.

Role Location  

Must be local in the greater Atlanta, GA area but the role is a primarily remote role.

Is This Role Not an Exact Fit?  

Sign up to keep in touch and we’ll let you know when we have new positions on our team.  

What We Offer

We offer a competitive benefits package inclusive of health benefits and unlimited time off.