DevSecOps Engineer

Remote

Full Time

Mid Level

DevSecOps Engineer

Title: DevSecOps Engineer

Department: Engineering

Reports to: VP of Engineering

Location: Fully Remote (U.S.)

Who We Are:

SureCost is the leading provider of pharmacy purchasing and inventory management solutions. Our SaaS platform empowers pharmacies across the nation to streamline their operations, reduce costs, and stay compliant in an increasingly complex and competitive landscape. We are committed to delivering innovative solutions to pharmacies so they can simplify their daily activities and focus on providing the best patient care possible. If you're looking for a role where you can make a meaningful impact in communities across the country, all while earning a competitive salary, you've come to the right place.

At SureCost, we think work/life balance should have, well, balance. With team members across the United States, we value the freedom of fully remote work, flex hours, and unlimited PTO.

What You’ll Do:

As the first dedicated DevSecOps Engineer at SureCost, you’ll play a pivotal role in securing, monitoring, and scaling our cloud infrastructure. You’ll be responsible for building and maintaining a robust security posture, designing automation to reduce manual work, and ensuring that security is embedded across the software development lifecycle. Collaborating closely with engineering, product, and operations teams, you’ll own key processes like CI/CD, observability, and incident response, while driving a culture of security awareness throughout the organization. Reporting to our engineering leadership, your expertise in DevOps, cloud infrastructure, and security will be critical to ensuring reliability, resilience, and trust at scale. With your technical capabilities and forward-looking mindset, you’ll have a direct and meaningful impact on SureCost’s security, performance, and long-term growth.

Maintain and improve our security posture by implementing and monitoring necessary security controls
Design, implement, and maintain CI/CD pipelines using GitLab CI/CD
Develop and manage AWS infrastructure using Infrastructure as Code (Terraform)
Automate deployment, monitoring, and management processes to reduce manual intervention
Manage and mitigate supply chain risks by monitoring third-party components and dependencies, leveraging tools like Snyk
Implement and maintain monitoring and observability solutions (DataDog, Prometheus, Grafana) to ensure system health and performance
Partner with development and product teams to integrate security throughout the SDLC
Own incident response processes, including detection, triage, and resolution of security events
Serve as the security champion within the organization, driving a culture of security awareness
Research and evaluate new tools and processes to continuously improve security and operational efficiency

What You’ll Need:

Education & Experience:
- 3+ years of experience in DevOps, SecOps, or related roles
- Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience)
Technical Skills:
- Expertise with AWS services (EC2, S3, RDS, Lambda, VPC) and security best practices
- Experience with Infrastructure as Code (Terraform)
- Familiarity with containerization and orchestration (Docker; Kubernetes or Nomad a plus)

Proficiency with CI/CD pipelines (GitLab preferred)
Hands-on experience with monitoring, logging, and alerting tools (DataDog, Prometheus, Grafana)
Experience with security scanning tools (Snyk, Dependabot, or similar)
Strong knowledge of security principles, identity and access management, and compliance frameworks (SOC 2)
Experience with secrets management and access control systems (e.g., Vault, AWS IAM)
Strong troubleshooting and problem-solving skills

Soft Skills:
- Excellent communication skills and ability to work cross-functionally
- Proactive, curious, and able to work independently as a security leader

A Huge Plus If You Have:

Experience with FreeIPA or other enterprise identity management solutions
Experience with HAProxy or other load-balancing technologies
Familiarity with SOC 2 and HIPAA compliance requirements
Background in healthcare or pharmacy SaaS environments

Perks and Benefits:

We are proud to offer generous benefits including:

Fully Remote work environment
Unlimited PTO (Highly suggested 3-week minimum)
Flexible Hours to fit your work-life balance
100% healthcare premiums covered for employees
70% healthcare premiums covered for dependents
Low-cost vision and dental coverage for employees
Automatic 3% employer contribution to 401k
12 weeks of fully paid parental leave
Technology stipend to cover the equipment you need to set up your home office
Professional development reimbursement to support continued learning

The estimated base salary range for this role is $115,000-135,000/year in addition to an annual bonus based on individual and company performance. The estimated salary range reflects an anticipated range for this position. The actual base salary offered may depend on a variety of factors, including the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, business needs, geographic market, and often a combination of all of these factors. The actual base salary offered will be in accordance with state or local minimum wage requirements for the job location.

Please note: SureCost is currently hiring only in the following states: California, Colorado, Florida, Georgia, Illinois, Louisiana, Maryland, Nevada, New Hampshire, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Rhode Island, Tennessee, Texas, Utah, Virginia, Washington and Wisconsin. Candidates must reside in one of these states to be considered for this position.

SureCost is an equal opportunity employer, dedicated to a policy of non-discrimination on the basis of race, color, religion, sex, national origin, ancestry, age, disability or any other characteristic protected by law.

We are required by federal law to verify the identity and employment eligibility of all persons hired to work in the United States. We participate in E-Verify (Employment Verification). We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with the information from each new employee's Form I-9 to confirm work authorization.

Please be advised that, if selected for this position, a background check will be conducted as a condition of employment upon acceptance of a contingent job offer.

Apply for this position

Required*

Apply with Indeed

First Name*

Last Name*

Email Address*

Phone*

Address*

Resume*

We've received your resume. Click here to update it.

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

What's your citizenship / employment eligibility?*

Will you now or in the future require SureCost LLC to commence (“sponsor”) an immigration case in order to employ you (for example, H-1B or other employment-based immigration case)?

(This is sometimes called “sponsorship” for an employment-based visa status.)*

Which US state do you currently reside in?

(Please note: We want to make the best use of your time. We are only hiring in select U.S. states at this time, which can be found in the job posting.)*

Are you able to work on CST business hours?*

The estimated base salary range for this role is $115,000-135,000/year. Is this in line with your salary expectations?*

Is there any additional information you'd like to note about your salary expectations? If not, please leave this field blank.

How many years of professional experience do you have in engineering roles where you were responsible for production cloud infrastructure (AWS), automation (IaC/CI/CD), and security practices?*

How would you best describe your experience with AWS services (EC2, S3, RDS, Lambda, VPC) in production?*

Which best matches your experience with Terraform in production?*

What best describes your experience with CI/CD pipelines?*

Which best describes your role in responding to security incidents?*

Which best describes your experience with compliance and access controls (e.g., SOC 2, IAM, Vault)?*

We care about addressing everyone correctly. If you feel comfortable, please share your personal pronouns (e.g., he/him, she/her, they/them). This information is entirely optional and will be used solely for communication purposes during the application process.

If a SureCost employee referred you to this job opening, please include their first and last name here so we can thank them (if not referred, please leave this field blank):

Human Check*

Submit Application

Thanks for visiting our Career Page. Please review our open positions and apply to the positions that match your qualifications.

DevSecOps Engineer

Apply for this position