Sr. DevOps Security Engineer

Verity Solutions is an innovative leader in pharmacy services, providing comprehensive solutions for federal 340B drug pricing program management and more.

Our customers include large health systems, community health centers, retail and specialty pharmacies.

Verity Solutions is a Cigna Group company within the Evernorth Health Services division and is headquartered in Kirkland, WA.

Job Summary:

Are you interested in joining a company passionate about helping those who make a difference in patient lives every day? Do you have strong security experience with cloud-based infrastructure and applications? Do you like an automation-first approach to problem solving and enjoy working on engineering solutions as part of an agile team? Join Verity's DevOps Engineering Team in designing, maintaining, supporting, securing, and extending an industry-leading SaaS platform.

Job Duties and Responsibilities:


* Responsible for cybersecurity design, adherence, management, and ownership of best practices to reduce risk by securing Verity's AWS cloud platform environments.


* Identifying and deploying cybersecurity measures by continuously performing vulnerability assessment and risk management.


* Promote a security first mindset within the development team, advocate for secure coding practices, and guide the organization towards secure-by-design principles.


* Support maintaining our security assessments and certifications such as HITRUST & SOC.


* Primary liaison with the Enterprise Information Protection Team to manage policy compliance and issue remediation.


* Support core cloud infrastructure systems: Network, Servers, Active Directory, Linux/Windows Server OS, Web/API Servers, Mongo DB, and similar systems.


* Design code-based solutions to automate manual tasks, threat response, vulnerability management, business processes, and to support new initiatives.


* Lead incident, problem, and event management support of our infrastructure, systems, and services.

Problem resolution support may be required on a rotating 24x7 basis for critical incidents.


* Develop, implement, and maintain robust security monitoring and alerting systems such as (Splunk, Grafana, Dynatrace).

Qualifications:


* BS or MS degree in related field or equivalent experience.


* 8+ years of enterprise experience as a Security Engineer or similar role managing AWS resources.


* Experience with NIST CSF, HITRUST CSF, CIS Controls, OWASP, and other security frameworks.


* Experience with SAST, DAST, Continuous Vulnerability Management (CVM), and IPS/IDS/AV/AM tools.


* Programming proficiency in developing tools, automation services, infrastructure as code.


* DevOps / SRE Engineering experience with implementing and supporting core AWS services: EC2, RDS, S3, Cloud Watch, and similar services in a 24x7 production environment.


* Certified Information Systems Security Professional (CISSP) certification is preferred but not ...