DevSecOps Engineer at GigaTECH

We actively seek candidates who challenge the status quo by wanting to significantly improve the user experience (patient, provider, payor) of healthcare IT applications.

Skills and Experience (Required):

• BS in Computer Science or other STEM degree and 2+ years’ experience
• Creation of cloud environments using IaC tools
• Experience with scripting and cross-platform integrations, service/web hooks
• Creating pipelines and deploying applications to a cloud environment
• Excellent verbal and written communication skills

Skills and Experience (Non-Essential)

• Experience working in an Agile environment
• Ability to interact with customers, clinicians, and engineering experts in pursuit of requirements elicitation and elaboration
• Create and maintain programmatic and technical documentation
• Reporting and mitigation of security vulnerabilities

Description

About GigaTECH

GigaTECH is a dynamic, full-service Information Technology and Healthcare IT SDVOSB proudly serving our military, Veterans, and other Government and commercial agencies. We believe in effective and transparent collaboration; we believe our entire staff to be one team; we believe in corporate integrity and customer satisfaction; we believe hard work should be generously rewarded. We look forward to you joining our team.

We actively seek candidates who challenge the status quo by wanting to significantly improve the user experience (patient, provider, payor) of healthcare IT applications.

Job Description

GigaTECH is seeking a mid-level DevSecOps Engineer to join our growing Research and Development practice which is focused on Healthcare IT. This position will work directly with the CTO to assist and enable software engineering teams with adopting secure development practices and integrate security into a CI/CD workflow. This position will have the opportunity to work on a variety of technologies, including OpenID, OAUTH2, JWT, GitHub, GitHub Actions (CI/CD), HL7 FHIR, SMART on FHIR within a cloud environment to grow and lead these activities as our Research and Development practice expands.

The successful candidate will be able to demonstrate setting up and maintaining multiple environments in the cloud. Experience building code deployment pipelines for continuous deployment to these environments while maintaining a secure HIPAA compliant environment is required. Knowledge of cloud technologies such as Azure/AWS; knowledge of Infrastructure as Code (IaC) tools such as Terraform; knowledge of code pipeline tools such as GitHub Actions/Jenkins/CircleCI; knowledge of OSS scanning tools; scripting and tool development software development using Java, JavaScript or Python is also required. This candidate will be a self-starter who is an aggressive learner.

• Use IaC software, such as terraform, to build scalable cloud base solutions for multiple environments.
• Use pipeline tools, such as GitHub Actions/Jenkins/CircleCI to build, test and deploy software to cloud based environments
• Use Static and Dynamic Code Analysis tools for identifying application vulnerabilities and proactively remediating issues prior to product releases, with a focus on test automation
• Implement network monitoring, analysis, troubleshooting and configuration control technologies.
• Develop software and software security guidance including best practices, secure coding checklists, reusable code
• Security testing at scale using static and dynamic analysis tools and integrating security into a CI/CD pipeline
• Implement proactive solutions to prevent cyberthreats
• Mitigate application vulnerabilities through software best practices and IaC (Securing Network Protocols, OWASP, CIS Controls)