DevSecOps Engineer

Remote /
Technology – Engineering /
Full-time
The Company

WithMe Health provides a medication guidance solution that replaces legacy Pharmacy Benefit Managers (PBMs) by using modern technology and rich datasets to consistently apply proven science and create individualized experiences for employees and their families. WithMe Health’s solution is unlike any other medication guidance solution in the market today: it is proactive, adaptive, convenient, and engaging. And WithMe Health’s innovative, outcomes-oriented business model aligns interests across the pharmaceutical value chain, optimizing health outcomes while substantially reducing costs for employers.The company was formed in 2018 to address the growing challenges and unmet needs that employers and employees face with legacy PBMs: misaligned business models, frustrating interactions, unknown outcomes, high costs, and a lack of real transparency. Having recently closed a $20 million round of financing from Oak HC/FT, WithMe Health is poised for significant growth while disrupting the $453 billion PBM industry and is looking to build out its team to help achieve this growth.

The Role

The DevSecOps Engineer is a strong technical position which will support the various cloud DevSecOps information security and cybersecurity projects on various project life cycle and maturity assessment. In your security capacity, you may be advising on responding to security incidents, developing detection techniques, supporting SOC2 / HITRUST certification efforts, handling security and compliance requests, testing, and providing feedback.We are seeking an enthusiastic, passionate professional for a DevSecOps Senior Engineer position with established experience with cloud (e.g. AWS, GCP) services, DevOps practices such as build/release management, secure SDLC/DevSecOps practices such as automating processes in CI/CD pipeline, implementing SOC2 and/or HITRUST certification efforts, site reliability and general automation. Your skills are broad - implementing cloud solutions for application architectures, scripting, database and other data services and ensuring reliability  – and you easily transition between those and handle multiple projects and priorities.  

Responsibilities

    • Partner with the Engineering team to create, implement and apply DevSecOps principles, processes and culture
    • Ensure appropriate security practices are communicated and implemented within their application security programs
    • Support adherence and awareness of these practices
    • Support SOC2 and/or HITRUST certification efforts
    • Work with the teams with on-boarding to the adopted security tools/technologies
    • Build & support Site Reliability function & participate in building tools to report system KPIs
    • Deliver tasks based on project objectives; technically support projects through to completion
    • Work with teams to bring continuous improvement to DevSecOps processes and tools

Qualification and Experience

    • Bachelor’s degree in Computer Science, Engineering, or related field or equivalent work experience
    • 2-5 years of experience in DevOps, SRE domainExperience in developing or administering the security of cloud environments AWS, GCP, etc.
    • Practical knowledge of DevOps toolbox: Configuration Management (Ansible, Terraform etc), Containers (Docker, Kubernetes), Continuous Integration & Continuous Delivery (CI/CD) (Jenkins, Github CI), Databases (MongoDB, Postgres) 
    • Experience in maintaining an ELK (Elasticsearch, Logstash, and Kibana) stack
    • Experience in supporting Linux in production environments, working with Unix firewalls, access controls and disk encryption
    • Knowledge and understanding of information security legal and regulatory requirements, such as Health Insurance Portability and Accountability Act (HIPAA)Experience working with industry standards or programs such as SOC2, HITRUST is a plus
    • Practical knowledge of several security practices in SDLC and supporting it security tools, access control, application security, network security, security architecture and security strategy
    • Good working knowledge of PythonHealthcare experience a big plus
    • Must be able to work independently or with a team, under minimum supervision
There are many reasons to come work for us but we’ll just list a few:
Highly competitive pay
80% employer-paid health coverage
401(k) plan eligible day 1
Medical membershipsPaid life insurance
8 weeks’ parental leave for primary caregiver
Flex spending
Results-only work environment
Generous vacation policy  

What does all that mean? It means we want you to be successful and fulfilled; to be happy and to grow. We are trying hard to be one of the best places to work and we pride ourselves on doing more for our people. We have some amazing people here and are excited to talk to you more about joining us. Are you ready? 

WithMe is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures.

WithMe Health’s commitment to diversity and inclusion honors and respects people from different backgrounds, experiences, and perspectives both within our workforce and for the people we serve. By using a cooperative and compassionate mindset, our goal is to narrow the disparities in healthcare and to improve patient health for all people.