We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
The Rawlings Group jobs

DevSecOps Engineer

The Rawlings Group
life insurance, parental leave, paid holidays, tuition reimbursement, 401(k)
United States, California, Roseville
Jul 30, 2025
Job Details
Job Location
California Office - Roseville, CA
Remote Type
Fully Remote
 
Description

Who We Are

Machinify is a leading healthcare intelligence company with expertise across the payment continuum, delivering unmatched value, transparency, and efficiency to health plan clients across the country. Deployed by over 60 health plans, including many of the top 20, and representing more than 160 million lives, Machinify brings together a fully configurable and content-rich, AI-powered platform along with best-in-class expertise. We're constantly reimagining what's possible in our industry, creating disruptively simple, powerfully clear ways to maximize financial outcomes and drive down healthcare costs.

Location:

This role is fully remote

About the Opportunity

At Machinify, we're building a robust security program to protect our clients' sensitive healthcare data and maintain the highest standards of information security. As part of the Security team, you will serve as a technical security expert responsible for securing our cloud infrastructure, implementing DevSecOps practices, and ensuring our SaaS platforms meet the highest security standards. This role is essential to maintaining our security posture as we continue to integrate four distinct technology platforms and scale our operations.

As a Cloud Security Analyst, you will be primarily responsible for cloud security architecture, DevSecOps implementation, and SaaS security management across our multi-cloud environment. You'll work closely with engineering, DevOps, and IT teams to embed security throughout our development lifecycle while ensuring our cloud infrastructure remains secure and compliant with healthcare regulations.

What you'll do

Primary Responsibilities - Cloud Security & DevSecOps (70% of role):



  • Design and implement cloud security architectures across AWS, Azure, and other cloud platforms
  • Develop and maintain DevSecOps pipelines integrating security scanning, vulnerability assessment, and compliance checks
  • Configure and manage cloud security tools including CSPM, CWPP, and cloud-native security services
  • Conduct security architecture reviews for new applications, services, and infrastructure changes
  • Implement Infrastructure as Code (IaC) security best practices and automated security controls
  • Monitor cloud environments for security threats, misconfigurations, and compliance violations
  • Manage container security and Kubernetes security configurations
  • Oversee API security implementations and SaaS integration security reviews



Supporting Security Program Responsibilities (30% of role):



  • Collaborate with engineering teams to implement secure coding practices and security testing
  • Support vulnerability management programs including scanning, assessment, and remediation tracking
  • Assist with security incident response and forensic analysis for cloud-based incidents
  • Develop and maintain security automation scripts and tools
  • Participate in security assessments and penetration testing coordination
  • Create technical security documentation and architectural diagrams
  • Support SOC2 and HITRUST compliance activities with technical evidence collection
  • Provide security guidance for vendor integrations and third-party SaaS evaluations
  • Contribute to disaster recovery and business continuity planning
  • Mentor development teams on security best practices and threat modeling

Qualifications

Essential Qualifications



  • Bachelor's degree in Computer Science, Information Security, Engineering, or related field, or equivalent work experience
  • 5+ years of experience in cloud security, DevSecOps, or security engineering
  • Strong hands-on experience with cloud security in AWS, Azure, or GCP environments
  • Demonstrated experience implementing DevSecOps practices and security automation
  • Proficiency with Infrastructure as Code tools (Terraform, CloudFormation, ARM templates)
  • Experience with container security and orchestration platforms (Docker, Kubernetes)
  • Knowledge of security frameworks such as NIST Cybersecurity Framework, CIS Controls, and OWASP
  • Understanding of healthcare compliance requirements (HIPAA, HITRUST)
  • Experience with security scanning tools, SAST/DAST, and vulnerability management platforms



Preferred Qualifications



  • Cloud security certifications (AWS Security Specialty, Azure Security Engineer, CCSP, or similar)
  • Security certifications (CISSP, GSEC, CEH, or similar)
  • Experience in healthcare technology or regulated industries
  • Familiarity with CI/CD platforms (Jenkins, GitLab, GitHub Actions, Azure DevOps)
  • Knowledge of scripting languages (Python, PowerShell, Bash)
  • Experience with security orchestration and automation (SOAR) tools
  • Understanding of network security, encryption, and identity management in cloud environments


Expectations



  • Design and implement robust cloud security solutions that protect sensitive healthcare data
  • Integrate security seamlessly into development and deployment processes
  • Maintain security best practices while enabling business agility and innovation
  • Collaborate effectively with engineering, DevOps, and IT teams
  • Stay current with evolving cloud security threats and emerging technologies
  • Balance security requirements with operational efficiency and development velocity
  • Provide technical leadership and guidance on security architecture decisions



Success Criteria for the First 3 Months

Understanding the Environment



  • Gain comprehensive knowledge of Machinify's current cloud infrastructure and security tooling across all four legacy companies
  • Understand the technical architecture, data flows, and integration points between systems
  • Learn existing DevSecOps processes and identify opportunities for improvement


Building Relationships



  • Establish collaborative relationships with engineering, DevOps, and IT teams
  • Build effective communication with cloud architects and platform teams
  • Actively participate in architecture reviews and security design discussions
  • Begin implementing security improvements with engineering team guidance


Technical Assessment and Planning



  • Complete security assessment of current cloud environments and identify priority security gaps
  • Successfully implement assigned security automation projects with minimal guidance
  • Develop efficient workflows for routine security tasks and monitoring


Feedback and Growth



  • Incorporate feedback from technical teams to improve security implementations
  • Demonstrate ability to balance security requirements with development needs


Confidence and Comfort



  • Gain confidence in cloud security tool configuration and security architecture reviews
  • Become comfortable with compliance requirements and technical documentation processes


Success Criteria for the First Year

Technical Mastery



  • Demonstrate expertise in cloud security and become the go-to resource for DevSecOps and security architecture questions
  • Successfully lead complex security implementations and cloud security projects
  • Establish security standards and best practices across all development teams


Building Technical Leadership



  • Become a trusted security advisor to engineering and platform teams
  • Effectively influence security decisions across multiple technology platforms
  • Drive security automation initiatives that improve overall security posture


Greater Technical Responsibility



  • Take ownership of cloud security strategy and implementation across the organization
  • Lead security architecture reviews for major platform initiatives and integrations
  • Contribute to technology decisions based on security requirements and risk analysis


Career Progression and Development



  • Obtain relevant cloud security or advanced security certifications
  • Share knowledge and mentor engineering teams on security best practices
  • Contribute to platform consolidation efforts through security expertise and technical leadership


Recognition and Technical Impact



  • Become a reliable resource for complex security challenges and a key contributor to platform security
  • Demonstrate technical leadership in security initiatives and cloud transformation projects
  • Receive recognition from engineering teams for enabling secure, efficient development practices


Pay range: $150,000 - $200,000

This is an exempt position. For Salary positions only: The salary range is for Base Salary. Compensation will be determined based on several factors including, but not limited to, skill set, years of experience, and the employee's geographic location.

What's in it for you



  • PTO, Paid Holidays, and Volunteer Days
  • Eligibility for health, vision and dental coverage, 401(k) plan participation with company match, and flexible spending accounts
  • Tuition Reimbursement
  • Eligibility for company-paid benefits including life insurance, short-term disability, and parental leave.
  • Remote and hybrid work options



What values we'll share with you



  • Ask why
  • Think big
  • Be humble
  • Optimize for customer impact
  • Deliver results


At Machinify, we're reimagining a simpler way forward. This begins with our employees. We are innovators who value integrity, teamwork, accuracy, and flexibility. We do the right thing, and we listen to the needs of our clients and their members. As tenured experts with unmatched experience, we champion diverse perspectives that help us to better understand and serve our clients.

Our values come to life through our culture. We embrace flexible working arrangements that allow our employees to bring innovation to life in the way that best suits their productivity. We work cross-functionally, abandoning silos, to bring innovative and accurate solutions to market. We invest in each other through ongoing education and team celebrations, and we give back to our communities through dedicating days for volunteering. Together, Machinify is making healthcare work better for everyone, and we're passionate about a future with better outcomes for all.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace. Machinify is an employment at will employer. We participate in E-Verify as required by applicable law. In accordance with applicable state laws, we do not inquire about salary history during the recruitment process. If you require a reasonable accommodation to complete any part of the application or recruitment process, please contact our People Operations team atpeopleoperations@rawlingscompany.com. See our Candidate Privacy Notice at:https://www.machinify.com/candidate-privacy-notice/

#INDHP


Applied = 0
MORE JOBS LIKE THIS

(web-6886664d94-4mksg)