Security DevOps Engineer (Chicago or Remote) at VillageMD
VillageMD is changing the trajectory of healthcare by empowering primary care physicians to make informed decisions and engage patients in meaningful ways. We work with thousands of clinicians and healthcare disruptors across the country to build and contribute to our platform to improve patient health while driving down the cost to deliver it.
We are a mission-oriented organization and are thrilled about the work that we do every day. We’re transparent, collaborative, and relentless in pursuit of our mission, all while doing so with humility and a low ego. We believe that diverse backgrounds and experiences create the best opportunity for innovation and the community that we are creating is greater than any individual.
As a Security DevOps Engineer, you will be responsible for ensuring best security practices and automating them when possible. You will help VMD scale in a cloud enterprise architecture with a least privilege approach.
What are examples of work that the Security DevOps Engineer will do at VillageMD?
- Lead the design, architecture and implementation of the systems, software, networks and services required to operate VillageMD products
- Identify and exploit efficiencies in operational engineering through automation
- Implement security controls that support compliance with ISO 27001 security requirements
- Practice sustainable incident response, root cause analysis and blameless postmortems
- Automate IAM user provisioning
- Implement a certificate management tool
- Build out new networks and infrastructure (VPCs, subnets, common SGs) using Terraform
What will make you successful here?
- A real passion for problem solving and learning new technology
- Vision to balance speed and maintainability in solution design
- The ability to handle multiple, concurrent projects
- Excellent ability to create and implement requirements, keep projects on track, and engage constituents
- Challenging the status quo to improve our processes and tools
- Communicate complex technical details in meaningful business context
- A low ego and humility; an ability to gain trust by doing what you say you will do
What you might do in your first year:
- Manage the business result of healthcare technology products
- Integrate 3rd party tools to drive outcomes, including Cloud Services, Salesforce, and best-of-breed healthcare products such as an EMPI
- Help build out a new AWS environment with a security mindset using IaC.
- Utilize a third party certificate management tool to automate rotation.
- Harden Linux AMIs
- Help configure PaloAlto firewalls.
The following experience is relevant to us:
- Bachelor's or master’s degree in computer science, math or equivalent experience
- 4+ years experience designing and coding in Java, Python, C#, C++, Ruby or similar language for production commercial services that operate on public internet
- Experience with Palo Alto Firewalls
- Strong IAM knowledge
- In depth AWS networking understanding
- Comfortable understanding of Linux fundamentals and network protocols such as TCP, HTTP, DNS and TLS
- Experience using AWS (Transit Gateway, API Gateway, Lambda, DynamoDB, WAF, CloudFront, EC2, ECS, EFS, RDS, VPC) or similar solutions to build infrastructure
- Experience with configuration management tools – Ansible and/or Terraform preferred
- Experience with a container management solution
- Experience running mission-critical, 24/7 systems
- Experience with incident response and root-cause analysis
- Excellent written and oral communication skills, including an ability to communicate with technical and business teams
At VillageMD, we see diversity and inclusion as a source of strength in transforming healthcare. We believe building trust and innovation are best achieved through diverse perspectives. To us, acceptance and respect are rooted in an understanding that people do not experience things in the same way, including our healthcare system. Individuals seeking employment at VillageMD are considered without regard to race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.