Cloud & Digital Platform DevSecOps Engineer

Company & Job OverviewDiality is a medical device company focused on developing solutions to improve lives impacted by kidney disease. Diality offers the Moda-flx Hemodialysis System, a user-friendly, mobile, and connected hemodialysis system designed to maximize clinical flexibility and ease-of-use for both clinical and non-clinical users.The DevSecOps Engineer will lead the design, implementation, and continuous improvement of cloud infrastructure, CI/CD pipelines, and security engineering practices for Diality's digital health platform. This role is critical in enabling secure, scalable, and compliant delivery of cloud-native applications, device connectivity platforms, and data systems in a regulated medical device environment.The ideal candidate brings deep expertise in AWS cloud infrastructure, automation, DevSecOps, and cybersecurity, with experience operating within HIPAA and FDA-regulated environments, and a strong focus on enabling high-velocity, high-quality software delivery.ResponsibilitiesCloud Infrastructure & Platform EngineeringDesign, implement, and manage scalable, secure AWS cloud infrastructure using Infrastructure as Code (IaC)Build and maintain multi-account AWS environments with proper governance (Landing Zone, Control Tower, SCPs)Design infrastructure for:Device connectivity platforms (IoT, MQTT ingestion)Web/mobile applications (portals, APIs)Data platforms (S3, RDS, Redshift)Implement high availability, disaster recovery, and cost optimization strategiesCI/CD & Release EngineeringDesign and implement end-to-end CI/CD pipelines for:Backend services (APIs, microservices)Frontend applications (React portals, mobile apps)Infrastructure deployments (IaC pipelines)Enable automated build, test, security scan, and deployment workflowsImplement progressive delivery strategies:Blue/Green deploymentsCanary releasesIntegrate pipelines with tools such as:GitHub Actions / GitLab CI / JenkinsAWS CodePipeline / CodeBuild / CodeDeployDevSecOps & CybersecurityEmbed security into the SDLC ("Shift Left Security"):SAST, DAST, dependency scanningContainer security (ECR scanning, runtime protection)Implement identity and access management (IAM) best practicesDesign and enforce:Secrets management (AWS Secrets Manager, Parameter Store)Encryption (KMS, TLS/mTLS)Enable device and platform security:Certificate lifecycle management (PKI, mTLS)Support compliance with:FDA Cybersecurity Guidance, HIPAA, ISO 27001 / HITRUSTObservability & Reliability EngineeringBuild and maintain observability stack:Metrics (CloudWatch)Logging (CloudWatch Logs, OpenSearch)Tracing (X-Ray, OpenTelemetry)Define SLIs, SLOs, and alerting strategiesEnable proactive monitoring for:Device fleet health, Platform performance, Security anomaliesInfrastructure Automation & Platform EnablementDevelop reusable infrastructure modules using:Terraform / CloudFormationBuild internal developer platform capabilities:Self-service infrastructure provisioningStandardized deployment templatesEnable developer productivity through:Automated environments (dev/test/stage/prod)Ephemeral environments for testingRegulatory & Quality ComplianceEnsure infrastructure and pipelines support:IEC 62304 , ISO 14971 risk managementMaintain:Traceability across build, test, and deploymentAudit-ready logs and deployment recordsContribute to AAMI TIR45 aligned Agile processesCollaboration & LeadershipPartner with:Platform engineering, Data engineering, Security and QA teamsMentor engineers on DevOps and security best practicesLead design reviews for infrastructure and deployment architectureRequired Skills & AbilitiesCloud & Infrastructure ExpertiseDeep experience with AWS services:Compute: EC2, Lambda, ECS/EKSNetworking: VPC, ALB/NLB, PrivateLinkStorage: S3, EBSDatabases: RDS, Aurora PostgreSQLIntegration: API Gateway, EventBridge, SNS/SQSStrong understanding of:AWS Well-Architected FrameworkMulti-account cloud governanceCI/CD & DevOps ToolingExpertise in CI/CD tools:GitHub Actions, GitLab CI, JenkinsContainerization & orchestration:Docker, Kubernetes (EKS preferred)DevSecOps & SecurityExperience implementing:Secure SDLC pipelines, IAM least privilege modelsFamiliarity with:Threat modeling, Vulnerability management toolsObservability & ReliabilityExperience with monitoring/logging tools:CloudWatch, Prometheus, Grafana, OpenSearchStrong understanding of:Distributed systems reliability, Incident response and root cause analysisAI-Assisted Engineering (Preferred)Experience leveraging tools such as:GitHub Copilot, Claude / CodexAbility to:Automate DevOps workflows, enhance code quality and testing using AIEducation & ExperienceBachelor's or master's degree in computer science, Engineering, or related field5+ years of experience in:Cloud infrastructure / DevOps / SRECI/CD pipeline design and automationExperience in regulated environments (medical device or healthcare preferred)Strong understanding of:IEC 62304 , ISO 14971TravelThe willingness to travel domestically as needed (up to 10%) primarily to visit vendors and attendance at select conferences.Physical RequirementsSustained periods of time standing and sitting in a laboratorySitting at a desk utilizing a computer