DevSecOps Engineer

Who We Are: 

With the collective efforts of our epic team members, we’re trailblazing a new path in the DME industry. Synapse Health was founded in 2016 with a goal to fix the fractured DME ecosystem and completely transform the industry. Built on decades of industry and leadership experience, we’ve launched tech-based solutions that eliminate age-old DME headaches, resulting in a seamless experience for all. We are proud to offer work that matters, on a mission that matters. 

Intrigued? Learn more at SynapseHealth.com and on Synapse Health’s LinkedIn. 

What We Need:  

As a DevSecOps Engineer at Synapse Health, you'll play a pivotal role in safeguarding our organization as we grow. This role focuses on enhancing organizational security by developing, maintaining, and enforcing security policies and providing strategic guidance to protect Synapse Health’s data, infrastructure and people. Working closely with the Vice President of IT, you'll contribute to shaping security strategies, policies, and processes, ensuring we maintain rigorous security standards across the organization. 

What You Will Do:   

• CI/CD  Security Pipeline Implementation: Design, implement, and maintain security automation within CI/CD pipelines to enforce secure development practices (HCL, Python, C#, JavaScript, etc)
• Cross-Functional Security Alignment: Collaborate with various dev teams to align security measures with business needs.
• Improve Cloud Security Posture: Continuously improve security-as-code implementations using IaC.
• Security Tool Automation: Developing and implementing security tooling for SAST/DAST/IAST/SCA, vulnerability scanning, and building custom security solutions for various parts of the business.
• Secure Software Development Lifecycle: Partner with development teams to integrate security best practices into every stage of the SDLC, strengthening the protection of our applications. 
• Monitoring and Reporting: Provide ongoing monitoring and reporting of security events, projects, and vulnerabilities to maintain visibility and inform strategy.
• HIPAA, GDPR, SOC 2: Develop, maintain and enforce security standards and procedures to ensure compliance with regulatory requirements. 

What You Have:   

At Synapse Health we’ve intentionally built a culture of kindness, collaboration and creativity, and we consider those qualities to be table stakes for any new team member. Additional requirements include: 

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience). 
• 5+ years of experience in cloud security, security policy development, and direct experience with DevSecOps & CI/CD security practices.
• Direct experience in security engineering projects and tasks, including deploying and managing solutions in diverse environments. 
• Extensive experience with vulnerability assessment tools and industry-standard frameworks.  
• Knowledge of information security concepts, common attack types, mitigation techniques, and the ability to make risk-based decisions.  
• History of working with automation technologies (Terraform, Bicep/ARM, Python, PowerShell, Bash).
• Working knowledge of security frameworks and best practices (NIST, ISO 27001, etc.).
• Strong understanding of web applications and security stacks (e.g., API security.)  
• Hands on experience securing cloud-based CI/CD pipelines.
• Kubernetes and/or container security experience.
• Red team mentality. The ability to think like an attacker, proactively identifying and exploiting weaknesses before adversaries do.

What Sets You Apart:  

• Previous experience working as a software engineer, ideally with a focus on security.
• Hands-on manual web application penetration testing experience.
• A strong background in IaC for any cloud platform.
• Previous experience working at a startup or proven ability to thrive in roles that required balancing various tasks and responsibilities simultaneously.
• Kubernetes expertise.

What Sets Us Apart:  

It’s no secret that most of us work to provide for ourselves and those we love, but just because we have to work, doesn’t mean we can’t enjoy it. In fact, at Synapse Health, we insist on it! We want our team members to thrive personally and professionally, which is why our benefits include: 

• Professional growth opportunities with compelling career paths 
• Healthy work-life balance culture with paid time off (PTO) 
• Medical, dental and vision insurance for full-time team members 
• 401K savings plan with employer contribution match 

Synapse Health is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.