Cloud & Digital Platform DevSecOps Engineer

Diality is a medical device company focused on developing solutions to improve lives impacted by kidney disease. Diality offers the Moda-flx Hemodialysis System, a user-friendly, mobile, and connected hemodialysis system designed to maximize clinical flexibility and ease-of-use for both clinical and non-clinical users.

The Dev Sec Ops  Engineer will lead the design, implementation, and continuous improvement of cloud infrastructure, CI/CD pipelines, and security engineering practices for Diality’s digital health platform. This role is critical in enabling secure, scalable, and compliant delivery of cloud-native applications, device connectivity platforms, and data systems in a regulated medical device environment.

The ideal candidate brings deep expertise in AWS cloud infrastructure, automation, Dev Sec Ops , and cybersecurity, with experience operating within HIPAA and FDA-regulated environments, and a strong focus on enabling high-velocity, high-quality software delivery.

• Design, implement, and manage scalable, secure AWS cloud infrastructure using Infrastructure as Code (IaC)
• Build and maintain multi-account AWS environments with proper governance (Landing Zone, Control Tower, SCPs)
• Design infrastructure for:
• Device connectivity platforms (IoT, MQTT ingestion)
• Web/mobile applications (portals, APIs)
• Implement high availability, disaster recovery, and cost optimization strategies

• Design and implement end-to-end CI/CD pipelines for:
• Backend services (APIs, microservices)
• Frontend applications (React portals, mobile apps)
• Enable automated build, test, security scan, and deployment workflows
• Canary releases
• Integrate pipelines with tools such as:
• Git Hub Actions / Git Lab CI / Jenkins
• AWS Code Pipeline / Code Build / Code Deploy

• Embed security into the SDLC (“Shift Left Security”):
• SAST, DAST, dependency scanning
• Container security (ECR scanning, runtime protection)
• Implement identity and access management (IAM) best practices
• Design and enforce:
• Secrets management (AWS Secrets Manager, Parameter Store)
• Enable device and platform security:
• Support compliance with:
• FDA Cybersecurity Guidance, HIPAA, ISO 27001 / HITRUST

• Build and maintain observability stack:
• Metrics (Cloud Watch)
• Logging (Cloud Watch Logs, Open Search)
• Define SLIs, SLOs, and alerting strategies
• Device fleet health, Platform performance, Security anomalies

• Terraform / Cloud Formation
• Build internal developer platform capabilities:
• Enable developer productivity through:
• Automated environments (dev/test/stage/prod)
• Ephemeral environments for testing

• Ensure infrastructure and pipelines support:
• Maintain:
• Traceability across build, test, and deployment
• Audit-ready logs and deployment records
• Contribute to AAMI TIR
  45 aligned Agile processes
• Partner with:
• Platform engineering, Data engineering, Security and QA teams
• Mentor engineers on Dev Ops and security best practices
• Lead design reviews for infrastructure and deployment architecture

• Deep experience with AWS services:
• Compute: EC2, Lambda, ECS/EKS
• Networking: VPC, ALB/NLB, Private Link
• Storage: S3, EBS
• Integration: API Gateway, Event Bridge, SNS/SQS
• Strong understanding of:
• AWS Well-Architected Framework

• Expertise in CI/CD tools:
• Git Hub Actions, Git Lab CI, Jenkins
• Containerization & orchestration:

• Experience implementing:
• Secure SDLC pipelines, IAM least privilege models
• Familiarity with:
• Threat modeling, Vulnerability management tools

• Experience with monitoring/logging tools:
• Strong understanding of:
• Distributed systems reliability, Incident response and root cause analysis
• Experience leveraging tools such as:
• Ability to:
• Automate Dev Ops workflows, enhance code quality and testing using AI

Bachelor’s or master’s degree in computer science, Engineering, or related field

• 5+ years of experience in:
• Cloud infrastructure / Dev Ops / SRE
• CI/CD pipeline design and automation
• Experience in regulated environments (medical device or healthcare preferred)
• Strong understanding of:
• IEC 62304 , ISO 14971

• The willingness to travel domestically as needed (up to 10%) primarily to visit vendors and attendance at select conferences.

Sustained periods of time standing and sitting in a laboratory

Sitting at a desk utilizing a computer

The information contained in this job description is for compliance with the Americans with Disabilities Act (ADA) and is not an exhaustive list of duties performed for this position.