Principal DevSecOps Engineer
Technology – Engineering / Full-time / Remote
Heartbeat Health is looking for a Principal DevSecOps Engineer to own and evolve the systems that underpin our ability to build, secure, and scale our virtual-first cardiovascular care platform.
This is a hands-on, high-impact role. You’ll design and enforce the systems and guardrails that enable our teams to move quickly - without compromising security or stability. Working closely with engineering, compliance, and leadership, you’ll shape how we think about security, reliability, and velocity. That means designing and hardening our AWS foundation, leveling up our SDLC, and directly raising the bar on how quickly - and safely - we deliver cardiac care at scale.
What You'll Do:
- Level-Up Our CI/CD: Refine GitHub Actions pipelines to improve build speed, consistency, and visibility across teams.
- Architect and Automate Infrastructure: Design and evolve our AWS infrastructure using Terraform and modern IaC best practices.
- Own Observability: Improve logging, metrics, tracing, and alerting across services (Datadog, etc.) to ensure systems are understandable, debuggable, and transparent.
- Lead Security Practices: Define and enforce best practices for cloud and application security; partner with engineering to embed security into our development lifecycle.
- Support Compliance: Partner with compliance and leadership to ensure HIPAA and SOC 2 Type II readiness, including evidence generation and audit support.
- Be the SME: Serve as the go-to expert for all things DevOps, platform security, and cloud infrastructure.
- Set Direction: Collaborate with engineering and product leadership to define technical strategy, roadmap, and investments in platform reliability and security.
About You:
- 8+ years of experience in DevOps, SRE, platform, or security engineering roles
- Deep hands-on experience with:
  - AWS core services (EC2, RDS, ECS/EKS, IAM, etc.)
  - Infrastructure as code (Terraform or equivalent)
  - CI/CD pipelines (GitHub Actions preferred)
  - Kubernetes or equivalent container orchestration tools
- Strong grasp of infrastructure and application security practices
- Experience supporting regulated environments (HIPAA, SOC 2, HITRUST, etc.)
- Clear, effective communicator - both written and verbal
- Comfortable working cross-functionally and leading by influence
- Biased toward action, pragmatism, and simplicity
- Proven success in high-autonomy, small-team, or startup environments