This is a key role within the Digital Security and Compliance team that will be responsible for developing and communicating core security and DevSecOps strategic initiatives across the organization. This person will work closely with the Global Security team and will be the primary DevSecOps security evangelist within the organization, developing and socializing reference implementations as well as ensuring that key security and DevSecOps initiatives are executed across both on-prem, hybrid on-prem cloud based environments within the organization.
• Develop and drive reference DevSecOps and security related initiatives targeted for hybrid on-prem cloud, containers, serverless environments. This person will work with the respective stakeholders across Digital and will leverage these reference implementations to ensure that the migration of on-prem workloads to Google cloud are secure.
• Work with the architecture team to provide security insights into key complex architectural initiatives such as CIAM, secure networking, cloud tenancy, secure data storage and retrieval, etc.
• Provide security support for key strategic technologies and architectures, including hybrid/multi-cloud strategy, inter-networking, API security governance etc.
• Leadership - this role will be matrixed across the organization to provide cloud security and DevSecOps guidance to the various application teams across the organization.
• Minimum of 10+ years experience in Information Security Engineering and/or DevSecOps roles, focused on supporting automated security solutions and architectures.
• Strong knowledge of the DevSecOps tool chain on Linux/Windows/Docker platforms; Jenkins, CircleCi, TravisCI, Python/Ruby, Ansible, Puppet, Git, AWS cloud formation, etc.
• Security certifications such as CISSP, CCSP, SANS GIAC* are a plus.
• Production experience with public cloud (AWS, Google or Azure – Google Cloud strongly preferred).
• Fluency in Python or other programming or scripting language.
• Proficiency in software and systems design and architecture.
• Experience with a variety of open source technologies and tools in support of cross-team collaboration.
• Strong demonstrated hands-on experience on implementing Security architectures.
• Experience deploying automation solutions in a public cloud environment (Google Cloud preferred).
• Strong knowledge of PCI/HIPPA and other security related standards and requirements.
• Experience supporting security audits a plus.
• Operationally savvy, experience with monitoring, alerting, and analyzing system metrics to identify problems and understand system behavior specific to security concerns.
• Ability to work in a fast paced, startup-like environment.
• Strong communication and collaboration skills.
• Strong problem solving skills.
• A passion for innovation, collaboration, and the ability to drive open communication and reach across functional borders.
BS in Computer Science or similar field, or equivalent years of experience.
At CVS Health, we are joined in a common purpose: helping people on their path to better health. We are working to transform health care through innovations that make quality care more accessible, easier to use, less expensive and patient-focused. Working together and organizing around the individual, we are pioneering a new approach to total health that puts people at the heart.
We strive to promote and sustain a culture of diversity, inclusion and belonging every day. CVS Health is an equal opportunity and affirmative action employer. We do not discriminate in recruiting, hiring or promotion based on race, ethnicity, sex/gender, sexual orientation, gender identity or expression, age, disability or protected veteran status or on any other basis or characteristic prohibited by applicable federal, state, or local law. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for CVS Health job opportunities.
Apply on company website