Principal Cloud Dev Ops Engine

Job Summary

The Principal Cloud Development Operations Engineer (SDLC & CI/CD Controls) defines and leads Deep Health’s enterprise Dev Sec Ops  strategy, serving as the organizational authority on pipeline security and secure software delivery. The role drives the design, governance, and continuous improvement of automated security controls across all CI/CD pipelines and developer workflows—ensuring security is built in from design through production while enabling delivery that is fast, measurable, and audit‑ready at scale.

• Define and own the enterprise Dev Sec Ops  toolchain strategy; architect standardized pipeline security frameworks—covering SAST, SCA, secrets scanning, IaC scanning, and container scanning—adopted across all engineering teams.
• Establish and govern enterprise release security standards and gating policies across the software delivery organization; lead exception governance and risk acceptance frameworks at the program level.
• Drive organization‑wide adoption of secure development standards; influence engineering leadership on secure‑by‑default practices and set measurable risk reduction goals tied to business objectives.
• Architect and lead the development of enterprise‑grade automation frameworks for pipeline security checks, artifact integrity, pipeline hygiene, and audit evidence generation; define reusable standards adopted across the engineering organization.
• Define and enforce secrets management standards and credential exposure reduction strategies across the entire build and deployment ecosystem; partner with platform leadership to drive enterprise‑wide adoption.
• Establish tooling performance standards and quality criteria for security controls across all pipelines; lead continuous improvement of the security toolchain to optimize the balance between risk coverage and developer velocity.
• Define and own the enterprise vulnerability risk management framework; lead cross‑functional prioritization of findings with product, engineering, and compliance stakeholders, driving systemic remediation strategies.
• Establish and own vulnerability SLA standards and exception governance policies; provide executive‑level reporting on risk posture, aging trends, and program‑wide effectiveness to senior leadership.
• Lead and advance Deep Health’s threat modeling methodology; define organizational standards for security risk assessment and translate complex threat landscapes into strategic engineering priorities.
• Establish and lead the organization’s security champions program; define the Dev Sec Ops  maturity roadmap and drive measurable, sustained improvement in security culture across all engineering teams.

PLEASE NOTE:

This is not an exhaustive list of all duties, responsibilities and requirements of the position described above. Other functions may be assigned, and management retains the right to add or change duties at any time.

• Bachelor’s degree in engineering or related field or equivalent experience required.
• 12+ years in Dev Ops, platform engineering, application security, or software engineering with hands‑on CI/CD responsibility required.
• Demonstrated record of designing and leading enterprise Dev Sec Ops  programs, including toolchain strategy, pipeline security architecture, and cross‑organizational adoption at scale.
• Exceptional communication and influence skills; demonstrated ability to drive strategic alignment on Dev Sec Ops  programs across engineering, product, and executive stakeholders.

• Deep expertise in CI/CD platforms (Git Hub Actions, Git Lab CI/CD, Jenkins, Azure Dev Ops); able to architect multi‑platform pipeline strategies and evaluate emerging tooling at an organizational level.
• Expertise in designing and governing enterprise‑scale pipeline policy frameworks, release controls, and branch protection standards; defines organizational standards adopted across teams.

• Advanced proficiency in Python, Bash, Power Shell, or equivalent; designs automation architectures and reusable frameworks adopted across the engineering…