Innosoft Corporation
Baltimore, United States | Posted on 08/26/2025
DevOps Engineer Lead– Enterprise DataPlatform & HealthLake (FedRAMP Compliance, AWS CDK) Agency
MarylandDepartment of Health
Project
Location
Hybrid,atleast 2 days per week on-site
Contract Duration
2-yearwith possible extensions
Interview Type
Video(Google Meet or MS Teams)
Tentative Start Date
09/08/2025
Project Overview The MarylandDepartment of Health is seeking a highly skilled DevOps Engineer(8+ years experience) to design, automate, and maintain secureinfrastructure for our Enterprise Data Lake (EDL) and AWSHealthLake interoperability platform. This role will leverageAWS CDK for Infrastructure as Code (IaC) and ensure compliancewith FedRAMP Rev 4, HIPAA, and CMS standards.
Duties/Responsibilities Infrastructure as Code (AWS CDK)
Build, manage, and version-control infrastructure using AWS CDK inTypeScript/Python for consistent, auditable deployments.
Define constructs for S3 (Iceberg-backed data lake), MWAA(Airflow), EMR/EMR Serverless, Glue, Redshift, Athena, Lake Formation, EKS, API Gateway, IAM, and AWS HealthLake.
Implement reusable CDK patterns for security guardrails, network design, monitoring, and compliance reporting.
CI/CD & Automation
Design and maintain CI/CD pipelines (AWS CodePipeline, CodeBuild, CodeDeploy) to support automated infra, ETL jobs, APIs, and FHIR workloads.
Integrate policy-as-code checks into the deployment workflow to enforce FedRAMP Rev 4 controls.
Automate patching, compliance scans, and drift detection across environments.
Monitoring, Reliability & Reporting
Configure CloudWatch, CloudTrail, Security Hub, GuardDuty, Inspector for logging, alerting, and anomaly detection.
Develop compliance dashboards and FedRAMP Rev 4 audit reports (access control, encryption, system monitoring, incident tracking).
Produce regular infrastructure compliance reports to support federal audits and continuous monitoring (ConMon).
Troubleshoot performance and scaling issues across ETL, APIs, and HealthLake.
Security & Compliance
Enforce IAM least-privilege, encryption (KMS), and VPC security controls via CDK templates.
Ensure data encryption in transit/at rest, secure networking, and compliance with HIPAA and CMS security policies.
Maintain evidence artifacts, automated compliance checks, and reporting workflows for FedRAMP Rev 4 authorization.
Work closely with data engineers, API developers, and architects to align infra with ETL frameworks, FHIR APIs, and analytics workloads.
Partner with security and compliance teams to map AWS services to FedRAMP, HIPAA, and NIST 800-53 controls.
Document infrastructure standards, runbooks, and reporting processes for audit readiness.
Requirements Education: A Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline.
Required Experience:
8+ years of experience in DevOps/Cloud Engineering, building and managing AWS enterprise-scale infrastructure.
5+ years of experience with Infrastructure as Code, including 2+ years hands-on with AWS CDK (TypeScript or Python).
Strong AWS expertise across: S3, EMR/Serverless, Glue, MWAA, Redshift, Athena, Lake Formation, EKS, HealthLake, API Gateway, IAM, KMS.
5+ years building and maintaining CI/CD pipelines with AWS CodePipeline, Jenkins, or GitLab CI.
Demonstrated experience in FedRAMP, HIPAA, or NIST 800-53 compliant environments, including control enforcement and evidence reporting.
Proven ability to generate FedRAMP Rev 4 compliance reports (audit logs, encryption evidence, access policies, ConMon reports).
Familiarity with Apache Iceberg, Medallion architecture, and healthcare FHIR interoperability.
Strong observability experience with CloudWatch, CloudTrail, ELK/OpenSearch, Prometheus/Grafana.
Excellent collaboration skills with ability to interface with auditors, compliance officers, and engineering team.
Preferred Experience
Healthcare data integrations with state Medicaid MMIS, provider directories, or HIEs; experience moving/validating files via SFTP/FTPS with PGP and certificate lifecycle management.
Experience in CMS or state public-health programs (e.g., provider enrollment, eligibility, claims/encounters), FHIR/HL7v2, and EDI X12 (834/820/270/271) fundamentals.
Standard Employee Benefits.
50% Health Insurance Paid by Innosoft, Paid Vacation, 401K Match, STD LTD and AD&D paid by Innosoft.
#J-18808-Ljbffr
DevOps Engineer Lead– Enterprise DataPlatform & HealthLake (FedRAMP Compliance, AWS CDK) Agency
MarylandDepartment of Health
Project
Location
Hybrid,atleast 2 days per week on-site
Contract Duration
2-yearwith possible extensions
Interview Type
Video(Google Meet or MS Teams)
Tentative Start Date
09/08/2025
Project Overview The MarylandDepartment of Health is seeking a highly skilled DevOps Engineer(8+ years experience) to design, automate, and maintain secureinfrastructure for our Enterprise Data Lake (EDL) and AWSHealthLake interoperability platform. This role will leverageAWS CDK for Infrastructure as Code (IaC) and ensure compliancewith FedRAMP Rev 4, HIPAA, and CMS standards.
Duties/Responsibilities Infrastructure as Code (AWS CDK)
Build, manage, and version-control infrastructure using AWS CDK inTypeScript/Python for consistent, auditable deployments.
Define constructs for S3 (Iceberg-backed data lake), MWAA(Airflow), EMR/EMR Serverless, Glue, Redshift, Athena, Lake Formation, EKS, API Gateway, IAM, and AWS HealthLake.
Implement reusable CDK patterns for security guardrails, network design, monitoring, and compliance reporting.
CI/CD & Automation
Design and maintain CI/CD pipelines (AWS CodePipeline, CodeBuild, CodeDeploy) to support automated infra, ETL jobs, APIs, and FHIR workloads.
Integrate policy-as-code checks into the deployment workflow to enforce FedRAMP Rev 4 controls.
Automate patching, compliance scans, and drift detection across environments.
Monitoring, Reliability & Reporting
Configure CloudWatch, CloudTrail, Security Hub, GuardDuty, Inspector for logging, alerting, and anomaly detection.
Develop compliance dashboards and FedRAMP Rev 4 audit reports (access control, encryption, system monitoring, incident tracking).
Produce regular infrastructure compliance reports to support federal audits and continuous monitoring (ConMon).
Troubleshoot performance and scaling issues across ETL, APIs, and HealthLake.
Security & Compliance
Enforce IAM least-privilege, encryption (KMS), and VPC security controls via CDK templates.
Ensure data encryption in transit/at rest, secure networking, and compliance with HIPAA and CMS security policies.
Maintain evidence artifacts, automated compliance checks, and reporting workflows for FedRAMP Rev 4 authorization.
Work closely with data engineers, API developers, and architects to align infra with ETL frameworks, FHIR APIs, and analytics workloads.
Partner with security and compliance teams to map AWS services to FedRAMP, HIPAA, and NIST 800-53 controls.
Document infrastructure standards, runbooks, and reporting processes for audit readiness.
Requirements Education: A Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline.
Required Experience:
8+ years of experience in DevOps/Cloud Engineering, building and managing AWS enterprise-scale infrastructure.
5+ years of experience with Infrastructure as Code, including 2+ years hands-on with AWS CDK (TypeScript or Python).
Strong AWS expertise across: S3, EMR/Serverless, Glue, MWAA, Redshift, Athena, Lake Formation, EKS, HealthLake, API Gateway, IAM, KMS.
5+ years building and maintaining CI/CD pipelines with AWS CodePipeline, Jenkins, or GitLab CI.
Demonstrated experience in FedRAMP, HIPAA, or NIST 800-53 compliant environments, including control enforcement and evidence reporting.
Proven ability to generate FedRAMP Rev 4 compliance reports (audit logs, encryption evidence, access policies, ConMon reports).
Familiarity with Apache Iceberg, Medallion architecture, and healthcare FHIR interoperability.
Strong observability experience with CloudWatch, CloudTrail, ELK/OpenSearch, Prometheus/Grafana.
Excellent collaboration skills with ability to interface with auditors, compliance officers, and engineering team.
Preferred Experience
Healthcare data integrations with state Medicaid MMIS, provider directories, or HIEs; experience moving/validating files via SFTP/FTPS with PGP and certificate lifecycle management.
Experience in CMS or state public-health programs (e.g., provider enrollment, eligibility, claims/encounters), FHIR/HL7v2, and EDI X12 (834/820/270/271) fundamentals.
Standard Employee Benefits.
50% Health Insurance Paid by Innosoft, Paid Vacation, 401K Match, STD LTD and AD&D paid by Innosoft.
#J-18808-Ljbffr