DevSecOps Engineer, Senior

Blue Shield of California • California, United States, US • $99k - $148.50k / year • 2d ago

Job Description

Your Role

As a DevSecOps Engineer in IT Quality Engineering Organization, you will play a crucial role in ensuring the security and quality of software products. Your primary responsibility will be to establish the best practices and standards for DevSecOps methodologies, ensuring a secure and seamless transition to the cloud environment. You will lead the implementation of DevSecOps best practices, specifically tailored for Azure, and collaborate with cross-functional teams to ensure security is integrated throughout the software development lifecycle. You will also organize training and provide mentoring to help others get up to speed on DevSecOps best practices. A strong focus on cloud solutions and design will be essential to support the seamless integration of applications on Azure.

Your Work

In this role, you will:

Evaluate and analyze the existing IT infrastructure, identifying areas for improvement and security enhancement.
Design and implement secure, scalable, and automated cloud-based solutions on Microsoft Azure to support application deployment and management.
Advocate for DevSecOps principles and practices within the organization.
Lead the implementation of DevSecOps practices, including continuous integration, continuous delivery, continuous testing (CI-CD-CT), and automated testing, tailored for the Azure cloud environment.
Collaborate with software development teams to integrate security controls and best practices into the application development process and to create robust testing strategies that covers functional, security, and performance aspects.
Develop and execute test plans, test cases, and test scripts to validate software functionality and security.
Encourage collaboration between development, operations, and security teams.
Maintain comprehensive documentation related to testing processes, security findings, and remediation efforts.
Generate reports on testing results, security assessments, and risk assessments.
Create automated test suites and pipelines.
Implement monitoring, logging, and alerting systems to ensure the security and availability of cloud-based infrastructure.
Integrate SonarQube with CI/CD pipelines and Azure Devops.
Manage the configuration and infrastructure as code (IaC) using tools such as Terraform, Ansible, or similar, with a strong emphasis on security.
Conduct security assessments, vulnerability testing, and ensure compliance with industry standards and regulatory requirements.
Work closely with stakeholders to define and enforce security policies and access controls in the Azure environment.
Develop and maintain documentation for security processes, procedures, and configuration management.
Continuously improving testing methodologies and security processes.

Qualifications

Your knowledge and Experience

Requires Bachelor's degree in Computer Science, Information Technology, or related field, or equivalent experience. Master's degree in Computer Science, Information Technology preferred.
Requires a minimum of 5 years of prior relevant experience in IT development and quality engineering.
Prefers 1 year of experience in DevSecOps field.
Prefers 1 year of hands-on experience with cloud platforms and Infrastructure as code.
Proven hands-on experience in cloud solutions and design for secure and compliant integration of applications on Microsoft Azure.
Prefers healthcare background, specifically with pharmacy
Solid understanding of DevSecOps principles.
Knowledge of healthcare industry standards including HIPAA and CMS regulations.
Experience with CI/CD pipelines, and automation tools like Jenkins, Ansible, Jira, GitLab CI, JFrog Artifactory, BitBucket, or Azure DevOps, with a focus on security integration and automated testing at all stages.
Strong knowledge of scripting languages (e.g., PowerShell, Bash, Python) for automation tasks, with an emphasis on security-related automation.
Experience in implementing and managing containerized applications using Docker and orchestration platforms like Kubernetes, with security considerations in mind.
Familiarity with infrastructure as code (IaC) concepts and tools such as Terraform or Ansible, with a focus on security best practices.
Expertise in cloud security best practices and their implementation within Azure environment.
Excellent problem-solving skills and ability to troubleshoot security-related issues.
Preferred experience in leading digital transformation projects and cloud migration efforts with a strong focus on security.
Understanding of and experience with AIOps concepts and tools like Prometheus, Grafana, or ELK stack, and platforms like OpsRamp or DynaTrace, would be strongly preferred.
Experience with performance optimization as applied to cloud infrastructure and cloud application architectures.

Pay Range

The pay range for this role is: $ 99000.00 to $ 148500.00 for California.

Note

Please note that this range represents the pay range for this and many other positions at Blue Shield that fall into this pay grade. Blue Shield salaries are based on a variety of factors, including the candidate's experience, location (California, Bay area, or outside California), and current employee salaries for similar roles.

About The Team

Blue Shield of California’s mission is to ensure all Californians have access to high-quality health care at a sustainably affordable price. We are transforming health care in a way that genuinely serves our nonprofit mission by lowering costs, improving quality, and enhancing the member and physician experience.

To fulfill our mission, we must ensure a diverse, equitable, and inclusive environment where all employees can be their authentic selves and fully contribute to meet the needs of the multifaceted communities we serve. Our continued commitment to diversity, equity, and inclusion upholds our values and advances our goal of creating a healthcare system that is worthy of our family and friends while addressing health disparities, promoting social justice, and integrating health equity through our products, business practices, and presence as a corporate citizen.

Blue Shield has received awards and recognition for being a certified Fortune 100 Best Companies to Work, Military Friendly Employer, People Companies that Care, a Leading Disability Employer, and one of California’s top companies in volunteering and giving. Here at Blue Shield, we strive to make a positive change across our industry and communities – join us!

Our Values:

Honest. We hold ourselves to the highest ethical and integrity standards. We build trust by doing what we say we're going to do and by acknowledging and correcting where we fall short.
Human. We strive to be our authentic selves, listening and communicating effectively, and showing empathy towards others by walking in their shoes.
Courageous. We stand up for what we believe in and are committed to the hard work necessary to achieve our ambitious goals.

Our Workplace Model:

Blue Shield of California is dedicated to making work-life balance a reality. Whether you prefer to work in an office or from home, we understand flexibility is more important than ever. That’s why Blue Shield is a hybrid company, offering you the opportunity to decide where you can do your best and most meaningful work.

Two ways of working: Hybrid (our default) and office

Hybrid – In a business unit approved office a few times per year to 3 days per week, on average
Office – In a business unit approved office 4+ days a week, on average. If the role you’re applying for is deemed an “Essential Role,” the company has determined that the role can only be performed in a Blue Shield office or in the field and would require your to meet the office worker classification.

Physical Requirements:

Office Environment - roles involving part to full time schedule in Office Environment. Due to the current public health emergency in California, Blue Shield employees are almost all working remotely. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.

Please click here for further physical requirement detail.

Equal Employment Opportunity:

External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws.