Jobs · himalayas

R

Staff DevSecOps Engineer

Nimbus Data Systems · United States · Posted 17d ago

remoteFull-timeseniorEstimated 93k-215k USD🇺🇸 United States
Apply on himalayas

Available in 2 locations

Remote · remote Apply → United States · remote Apply →

About the role

Enhance security and reliability of healthcare data exchange on AWS/EKS platform.

Nimbus Data Systems is on a mission to accelerate healthcare’s transformation with useful data. Nimbus Data Systems Engine, a flexible interoperability platform, connects and powers real-time healthcare data exchange. With just one connection, data can be orchestrated across a growing network of 12,000+ systems and organizations, including 100+ electronic health record systems (EHRs). Nimbus Data Systems processes over 1.2 billion messages per month across our health tech vendor, provider, payer, EHR, and life sciences customers. Opportunity & Impact The Platform Team at Nimbus Data Systems Engineering builds the foundations that let application developers ship reliably - the automation, guardrails, and infrastructure that power how healthcare data moves securely through our systems. We're looking for a Staff DevSecOps Engineer who thinks security is a design constraint, not an afterthought. You'll work at the intersection of platform engineering and security — hardening how we build, ship, and run software on our AWS/EKS platform, and making secure defaults the easy path for every engineer at Nimbus Data Systems . We're a fully remote team within the U.S. that operates with radical transparency and a strong bias toward ownership. Our Engineering Culture & How We Work Psychological Safety, Ownership & Autonomy We make room for everyone to be heard, regardless of level. We work openly, normalize not knowing things, and treat "learning out loud" as a feature, not a liability. You'll be expected to bring your real perspective, push back when you see something wrong, and commit fully once a decision is made. As a Staff Engineer, you help cultivate our culture: you model the behavior, you embrace questions, you acknowledge mistakes. Radical Transparency We default to public Slack channels over DMs, post Zoom summaries back in writing, and work async whenever possible. We'd rather expose incomplete thinking in public to get better feedback than protect it in private. That applies to security work too - when you identify a risk or propose a control, you bring it to the table with a recommendation, not just a concern. Engineering-Driven Ownership We own the systems we maintain, not just the new features on the roadmap. You'll have latitude to identify and drive platform work - defining scope, consulting on priority, and seeing it through from design to operationalization. We measure ourselves by the value we deliver, not the process we follow. Job Responsibilities: Champion a security-first mindset within Engineering to help set the security posture of our platform infrastructure — supply chain hardening, secrets management, IAM/IRSA, container image integrity, and vulnerability remediation across our AWS/EKS environment Design and build automation that makes compliance evidence continuous, not manual — translating HITRUST controls into passing tests and structured outputs that flow into our compliance tooling (Vanta) Embed security into the platform by default: make the secure path the easy path for application engineers, through guardrails, policy-as-code, and well-documented patterns Partner with our Security team to translate threat assessments and control gaps into engineering proposals with clear scope, tradeoffs, and recommended paths forward Lead platform security initiatives from design to operationalization — requirements, technical design, code and code review, deployment, and documentation Contribute hands-on to the broader platform: CI/CD pipelines, container orchestration, observability, and developer tooling — this is an IC role, not a governance role Participate in on-call rotation and own the systems you build, including production incidents Mentor engineers on security practices and raise the security baseline across the team Required Skills & Experience: 8+ years in cloud-native infrastructure or platform engineering roles, with demonstrable progression in technical scope and leadership Hands-on expertise with AWS and Kubernetes (EKS) — you've operated these in production, not just deployed them Security depth: you understand supply chain risk, IAM/zero-trust patterns, secrets management, and vulnerability management at the platform level — not just as concepts Experience translating compliance frameworks (HITRUST, SOC 2, or equivalent) into concrete engineering controls — bonus if you've worked with Vanta or similar compliance automation tooling Fluency in infrastructure-as-code (Terraform/HCL) and at least one scripting language (Python, Go, or Node.js/TypeScript) Experience with modern CI/CD systems and the security surface they introduce — pipeline integrity, artifact signing, registry controls Strong written communication and a track record of driving technical decisions in async, remote environments - you write proposals, not just Slack messages, and convert them to impact Our stack — you'll be hands-on with these: AWS, Docker, EKS GitHub Actions (CI), ArgoCD (CD) Kyverno, Karpenter, KEDA, VPA, Velero, Crossplane Prometheus, Grafana, InfluxDB, Sumo Logic and

Read the full posting on himalayas

FAQ

Is the Staff DevSecOps Engineer role at Nimbus Data Systems remote?+

This Staff DevSecOps Engineer position is listed as remote (United States).

What is the salary for the Staff DevSecOps Engineer role at Nimbus Data Systems?+

The listing states Estimated 93k-215k USD.

What seniority level is this Staff DevSecOps Engineer role?+

This is a senior level position.

How do I apply for the Staff DevSecOps Engineer role at Nimbus Data Systems?+

Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Nimbus Data Systems.