Hispanic Alliance for Career Enhancement
Senior DevSecOps Engineer
Hispanic Alliance for Career Enhancement, Chicago, Illinois, United States
At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
Position Summary As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues—caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
Who You Are
A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming.
Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale.
Strong passion and technical expertise to automate security functions via code, including pipeline and workflow automation.
Strong technical expertise with Application, Cloud, Data, and Network Security best practices.
Strong technical expertise with multi‑cloud environments, including container/serverless and other microservice architectures.
Strong technical expertise with older technology stacks, including mainframes and monolithic architectures.
Strong technical expertise with SDLC, CI/CD tools, Deployment Automation, and pipeline orchestration.
Strong technical expertise with operating security for Windows Server and Linux Server systems.
Strong technical expertise with configuration management, version control, and DevOps operational support.
Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies.
Experience with reporting and visualization tools such as Power BI, BigQuery, Tableau, or similar platforms.
Ability to create and deliver executive‑level reporting and dashboards for leadership visibility.
Role Responsibilities Development & Enforcement
Develop and enforce engineering security policies and standards.
Develop and enforce data security policies and standards.
Drive security awareness across the organization.
Collaboration & Expertise
Collaborate with Engineering and Business teams to develop secure engineering practices.
Serve as the Subject Matter Expert for Application Security.
Work with cross‑functional teams to ensure security is considered throughout the software development lifecycle.
Automation & Optimization
Design and implement automated workflows for security processes across CI/CD pipelines, reducing manual intervention and improving consistency.
Automate manual reporting tasks by building scripts, dashboards, and integrations that provide real‑time visibility into security posture, vulnerability status, and compliance metrics.
Integrate security controls into CI/CD pipelines (e.g., automated scanning, policy enforcement, and remediation workflows) to ensure security gates are embedded in the development lifecycle.
Develop orchestration strategies for pipeline automation using tools like GitHub Actions, Jenkins, or Azure DevOps, ensuring security checks are triggered automatically during build and deployment phases.
Develop and maintain executive‑level reporting dashboards using tools like Power BI, Tableau, or BigQuery to provide actionable insights to leadership.
Analysis & Configuration
Analyze, develop, and configure security solutions across multi‑cloud, on‑premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data.
Lead security testing, vulnerability analysis, and documentation.
Operational Support
Participate in operational on‑call duties to support infrastructure across multiple regions and environments (cloud, on‑premises, colocation).
Develop incident response and recovery strategies.
Required Qualifications
5+ years of experience in developing and deploying security technologies.
5+ years of experience with modern Software Development Lifecycles and CI/CD practices, including pipeline automation and security integration.
3+ years of experience with remediation of vulnerabilities sourced from Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning.
3+ years of experience with Docker, Kubernetes, Security‑as‑Code, and Infrastructure‑as‑Code.
3+ years of experience with one or more general‑purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell.
1+ year of experience building reports and dashboards using visualization tools (Power BI, Tableau, BigQuery, or similar).
Preferred Qualifications
Proficiency in Public Cloud (AWS/Azure/GCP) & Network Security.
Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA).
Strong technical expertise with Architecting Public Cloud solutions and processes.
Strong technical expertise with Networking and Software‑Defined Networking (SDN) principles.
Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams.
Familiarity with OWASP Application Security Verification Standard.
Experience with direct, remote, and virtual teams.
Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like Snyk, Apiiro, Koi Security, jFrog Curation.
Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
Experience creating executive‑level reporting and presenting security metrics to leadership.
Experience building automated reporting solutions using APIs, scripting, and visualization tools (e.g., Power BI, Grafana, or custom dashboards).
Experience with pipeline orchestration tools and CI/CD automation frameworks to embed security gates and compliance checks.
Education
A Bachelor's degree or equivalent experience (High School Diploma and 4 years relevant experience)
Anticipated Weekly Hours 40
Time Type Full time
Pay Range $83,430.00 - $222,480.00
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
Great benefits for great people
Affordable medical plan options,
a
401(k) plan
(including matching company contributions), and an
employee stock purchase plan .
No‑cost programs for all colleagues
including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
Benefit solutions that address the different needs and preferences of our colleagues
including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit https://jobs.cvshealth.com/us/en/benefits
We anticipate the application window for this opening will close on: 01/09/2026
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
#J-18808-Ljbffr
Position Summary As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues—caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
Who You Are
A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming.
Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale.
Strong passion and technical expertise to automate security functions via code, including pipeline and workflow automation.
Strong technical expertise with Application, Cloud, Data, and Network Security best practices.
Strong technical expertise with multi‑cloud environments, including container/serverless and other microservice architectures.
Strong technical expertise with older technology stacks, including mainframes and monolithic architectures.
Strong technical expertise with SDLC, CI/CD tools, Deployment Automation, and pipeline orchestration.
Strong technical expertise with operating security for Windows Server and Linux Server systems.
Strong technical expertise with configuration management, version control, and DevOps operational support.
Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies.
Experience with reporting and visualization tools such as Power BI, BigQuery, Tableau, or similar platforms.
Ability to create and deliver executive‑level reporting and dashboards for leadership visibility.
Role Responsibilities Development & Enforcement
Develop and enforce engineering security policies and standards.
Develop and enforce data security policies and standards.
Drive security awareness across the organization.
Collaboration & Expertise
Collaborate with Engineering and Business teams to develop secure engineering practices.
Serve as the Subject Matter Expert for Application Security.
Work with cross‑functional teams to ensure security is considered throughout the software development lifecycle.
Automation & Optimization
Design and implement automated workflows for security processes across CI/CD pipelines, reducing manual intervention and improving consistency.
Automate manual reporting tasks by building scripts, dashboards, and integrations that provide real‑time visibility into security posture, vulnerability status, and compliance metrics.
Integrate security controls into CI/CD pipelines (e.g., automated scanning, policy enforcement, and remediation workflows) to ensure security gates are embedded in the development lifecycle.
Develop orchestration strategies for pipeline automation using tools like GitHub Actions, Jenkins, or Azure DevOps, ensuring security checks are triggered automatically during build and deployment phases.
Develop and maintain executive‑level reporting dashboards using tools like Power BI, Tableau, or BigQuery to provide actionable insights to leadership.
Analysis & Configuration
Analyze, develop, and configure security solutions across multi‑cloud, on‑premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data.
Lead security testing, vulnerability analysis, and documentation.
Operational Support
Participate in operational on‑call duties to support infrastructure across multiple regions and environments (cloud, on‑premises, colocation).
Develop incident response and recovery strategies.
Required Qualifications
5+ years of experience in developing and deploying security technologies.
5+ years of experience with modern Software Development Lifecycles and CI/CD practices, including pipeline automation and security integration.
3+ years of experience with remediation of vulnerabilities sourced from Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning.
3+ years of experience with Docker, Kubernetes, Security‑as‑Code, and Infrastructure‑as‑Code.
3+ years of experience with one or more general‑purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell.
1+ year of experience building reports and dashboards using visualization tools (Power BI, Tableau, BigQuery, or similar).
Preferred Qualifications
Proficiency in Public Cloud (AWS/Azure/GCP) & Network Security.
Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA).
Strong technical expertise with Architecting Public Cloud solutions and processes.
Strong technical expertise with Networking and Software‑Defined Networking (SDN) principles.
Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams.
Familiarity with OWASP Application Security Verification Standard.
Experience with direct, remote, and virtual teams.
Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like Snyk, Apiiro, Koi Security, jFrog Curation.
Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
Experience creating executive‑level reporting and presenting security metrics to leadership.
Experience building automated reporting solutions using APIs, scripting, and visualization tools (e.g., Power BI, Grafana, or custom dashboards).
Experience with pipeline orchestration tools and CI/CD automation frameworks to embed security gates and compliance checks.
Education
A Bachelor's degree or equivalent experience (High School Diploma and 4 years relevant experience)
Anticipated Weekly Hours 40
Time Type Full time
Pay Range $83,430.00 - $222,480.00
Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong.
Great benefits for great people
Affordable medical plan options,
a
401(k) plan
(including matching company contributions), and an
employee stock purchase plan .
No‑cost programs for all colleagues
including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
Benefit solutions that address the different needs and preferences of our colleagues
including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.
For more information, visit https://jobs.cvshealth.com/us/en/benefits
We anticipate the application window for this opening will close on: 01/09/2026
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.
#J-18808-Ljbffr