Director of DevSecOps

Overview

tango is seeking a Director of Dev Ops & Security (Dev Sec Ops ) to own and lead both the Dev Ops and Security functions across the organization. This role is accountable for building a secure, scalable, and compliant software delivery platform that supports tango’s healthcare mission and EDI-driven solutions.

tango is seeking a Director of Dev Ops & Security (Dev Sec Ops ) to own and lead both the Dev Ops and Security functions across the organization. This role is accountable for building a secure, scalable, and compliant software delivery platform that supports tango’s healthcare mission and EDI-driven solutions.

This leader will be responsible for cloud infrastructure, CI/CD, operational reliability, and enterprise security, ensuring that HIPAA, SOC 2, and HITRUST best practices are embedded directly into how software is built, deployed, and operated. The ideal candidate combines deep technical expertise in the Microsoft ecosystem (Azure, Git Hub, Azure Dev Ops) with strong security governance experience in regulated healthcare environments.

This is a hands-on leadership role that blends platform engineering, security strategy, compliance enablement, and people leadership.

• Dev Ops & Platform Engineering Ownership:
  Own and lead Tango’s Dev Ops and platform engineering strategy, enabling secure, self-service infrastructure and delivery pipelines.
• Design and maintain paved-road platforms that balance standardization, flexibility, and developer productivity.
• Establish enterprise standards for CI/CD, infrastructure, configuration management, and environment provisioning.

• Own the Security function, including application security, cloud security, and Dev Sec Ops  practices.
• Embed HIPAA, SOC 2, and HITRUST CSF controls directly into engineering workflows and infrastructure.
• Define and enforce security policies, standards, and guardrails across cloud and application platforms.
• Partner with Legal, Compliance, and Risk teams to support audits, assessments, and continuous compliance.
• Drive security-by-design and shift-left security practices across all engineering teams.

• Implement and operationalize security controls throughout the SDLC, including:
• SAST, DAST, SCA, and container image scanning
• Infrastructure-as-Code (IaC) security scanning
• Secrets management, encryption, and key rotation
• Ensure secure identity and access management using Azure AD / Entra  least-privilege principles.
• Establish secure patterns for handling PHI and sensitive healthcare data.

• Lead all Dev Ops and security practices across Microsoft Azure environments (IaaS, PaaS, and hybrid).
• Own infrastructure-as-code standards using Bicep, Terraform, or ARM templates.
• Ensure cloud environments meet healthcare compliance, resiliency, and availability requirements.
• Defining standards for network security, segmentation, and zero-trust architecture.

• Own CI/CD platforms using Git Hub Actions and/or Azure Dev Ops.
• Drive automation of:
• Build, test, and deployment workflows
• Security scanning and policy enforcement
• Compliance evidence collection and audit readiness
• Reduce operational risk and manual processes through automation-first design.

• Establish enterprise observability standards for monitoring, logging, alerting, and auditing.
• Own operational readiness, incident response, and post-incident reviews.
• Align Dev Ops practices with SRE principles, including error budgets and reliability metrics.
• Track and report key performance indicators such as deployment frequency, MTTR, and change failure rate.

• Own internal-facing operational support for Tango’s applications and services.
• Be accountable for support SLAs, including response time, resolution time, and customer satisfaction metrics for infrastructure services (network, desktop, VDI, telephony, contact center, FTP, etc.).
• Ensure timely triage, escalation, and resolution of internal and…