Cloud & Digital Platform DevSecOps Engineer

The DevSecOps Engineer will lead the design, implementation, and continuous improvement of cloud infrastructure, CI/CD pipelines, and security engineering practices for Diality's digital health platform. This role is critical in enabling secure, scalable, and compliant delivery of cloud-native applications, device connectivity platforms, and data systems in a regulated medical device environment.

The ideal candidate brings deep expertise in AWS cloud infrastructure, automation, DevSecOps, and cybersecurity, with experience operating within HIPAA and FDA-regulated environments, and a strong focus on enabling high-velocity, high-quality software delivery.

Responsibilities

Cloud Infrastructure & Platform Engineering

• Design, implement, and manage scalable, secure AWS cloud infrastructure using Infrastructure as Code (IaC)

• Build and maintain multi-account AWS environments with proper governance (Landing Zone, Control Tower, SCPs)

• Design infrastructure for:

• Device connectivity platforms (IoT, MQTT ingestion)

• Web/mobile applications (portals, APIs)

• Data platforms (S3, RDS, Redshift)

• Implement high availability, disaster recovery, and cost optimization strategies

CI/CD & Release Engineering

• Design and implement end-to-end CI/CD pipelines for:

• Backend services (APIs, microservices)

• Frontend applications (React portals, mobile apps)

• Infrastructure deployments (IaC pipelines)

• Enable automated build, test, security scan, and deployment workflows

• Implement progressive delivery strategies:

• Blue/Green deployments

• Canary releases

• Integrate pipelines with tools such as:

• GitHub Actions / GitLab CI / Jenkins

• AWS CodePipeline / CodeBuild / CodeDeploy

DevSecOps & Cybersecurity

• Embed security into the SDLC ("Shift Left Security"):

• SAST, DAST, dependency scanning

• Container security (ECR scanning, runtime protection)

• Implement identity and access management (IAM) best practices

• Design and enforce:

• Secrets management (AWS Secrets Manager, Parameter Store)

• Encryption (KMS, TLS/mTLS)

• Enable device and platform security: Certificate lifecycle management (PKI, mTLS)

• Support compliance with: FDA Cybersecurity Guidance, HIPAA, ISO 27001 / HITRUST

Observability & Reliability Engineering

• Build and maintain observability stack:

• Metrics (CloudWatch)

• Logging (CloudWatch Logs, OpenSearch)

• Tracing (X-Ray, OpenTelemetry)

• Define SLIs, SLOs, and alerting strategies

• Enable proactive monitoring for: Device fleet health, Platform performance, Security anomalies

Infrastructure Automation & Platform Enablement

• Develop reusable infrastructure modules using Terraform / CloudFormation

• Build internal developer platform capabilities:

• Self-service infrastructure provisioning

• Standardized deployment templates

• Enable developer productivity through Automated environments (dev/test/stage/prod) and Ephemeral environments for testing

Regulatory & Quality Compliance

• Ensure infrastructure and pipelines support: IEC 62304 , ISO 14971 risk management
• Maintain: Traceability across build, test, deployment, and Audit-ready logs and deployment records
• Contribute to AAMI TIR45 aligned Agile processes

Collaboration & Leadership

• Partner with Platform engineering, Data engineering, Security and QA teams
• Mentor engineers on DevOps and security best practices
• Lead design reviews for infrastructure and deployment architecture

Do you have experience in Vulnerability scanning?, * Deep experience with AWS services

• Compute: EC2, Lambda, ECS/EKS
• Networking: VPC, ALB/NLB, PrivateLink
• Storage: S3, EBS
• Databases: RDS, Aurora PostgreSQL
• Integration: API Gateway, EventBridge, SNS/SQS
• Strong understanding of AWS Well-Architected Framework and multi-account cloud governance

CI/CD & DevOps Tooling

• Expertise in CI/CD tools:
• GitHub Actions, GitLab CI, Jenkins
• Containerization & orchestration:
• Docker, Kubernetes (EKS preferred)

DevSecOps & Security

• Experience implementing secure SDLC pipelines, IAM least privilege models
• Familiarity with threat modeling, Vulnerability management tools

Observability & Reliability

• Experience with monitoring/logging tools:
• CloudWatch, Prometheus, Grafana, OpenSearch
• Strong understanding of:
• Distributed systems reliability, Incident response and root cause analysis

AI-Assisted Engineering (Preferred)

• Experience leveraging tools such as GitHub Copilot, Claude / Codex
• Ability to automate DevOps workflows, enhance code quality and testing using AI, * Bachelor's or master's degree in computer science, Engineering, or related field
• 5+ years of experience in Cloud infrastructure / DevOps / SRE and CI/CD pipeline design and automation
• Experience in regulated environments (medical device or healthcare preferred)
• Strong understanding of IEC 62304 , ISO 14971

Travel

• The willingness to travel domestically as needed (up to 10%) primarily to visit vendors and attendance at select conferences.

Physical Requirements

• Sustained periods of time standing and sitting in a laboratory
• Sitting at a desk utilizing a computer
• Some lifting of<25 pounds

Diality is a medical device company focused on developing solutions to improve lives impacted by kidney disease. Diality offers the Moda-flx Hemodialysis System, a user-friendly, mobile, and connected hemodialysis system designed to maximize clinical flexibility and ease-of-use for both clinical and non-clinical users.