The Senior DevSecOps Engineer at Vida will enhance the security and reliability of cloud infrastructure, manage compliance, and mentor engineering teams on secure practices.
ABOUT US
At Vida, we help people get better- and we're helping the healthcare system get better, too.
Vida is a virtual, personalized obesity care provider that uses evidence-based treatment to help patients manage obesity and related conditions like diabetes, high blood pressure, anxiety and depression. Vida's team of Obesity Medicine-Certified Physicians, Registered Dietitians, Expert Coaches and Licensed Therapists takes a whole-person approach to care, helping people lose weight, reduce stress and improve their overall health.
By combining advanced technology with top-notch healthcare providers, Vida is breaking down the barriers that have historically kept people from getting the best care. It's trusted by Fortune 100 companies, major national payers and large providers to enable their employees to live their healthiest lives.
**Vida is authorized to do business in many, but not all, states. If you are not located in or able to work from a state where Vida is registered, you will not be eligible for employment. Please speak with your recruiter to learn more about where Vida is registered.
We’re seeking a Senior DevSecOps Engineer to strengthen the security, resilience and reliability of Vida’s cloud-based healthcare platform. This role is ideal for an engineer who thrives at the intersection of security, cloud infrastructure and automation- building scalable, compliant systems that protect regulated data while enabling developer velocity. You will work closely with our infrastructure, application and compliance teams to ensure that Vida’s systems meet the highest standards for security, observability and operational excellence across our public cloud environment (Google Cloud Platform).
Responsibilities:
- Own the security posture of Vida’s cloud infrastructure, implementing best practices for regulated environments (HIPAA, HITRUST).
- Manage and enhance infrastructure-as-code (Terraform) for GCP, ensuring configurations adhere to least privilege and zero trust principles.
- Implement and maintain monitoring, logging and alerting frameworks across production systems using tools like Datadog, Prometheus and GCP Cloud Logging.
- Oversee vulnerability management, including patching, dependency scanning and automated remediation workflows.
- Partner with engineering teams to embed security controls within CI/CD pipelines (GitHub Actions or similar), aligning with secure software development lifecycle (SSDLC) practices.
- Conduct threat modeling and risk assessments for new services and architecture changes.
- Manage and optimize container security in Kubernetes (GKE), including image scanning, runtime protection and secrets management.
- Collaborate with compliance teams on audit evidence automation and support for security certifications (HITRUST, SOC 2, etc.).
- Lead incident response and postmortem analysis for security-related events.
- Mentor Engineers on secure development and deployment practices, fostering a culture of security by design.
Qualifications:
- Bachelor’s Degree in Computer Science, Engineering or related field- or equivalent practical experience.
- 6+ years of experience in DevOps, Cloud Infrastructure or Security Engineering roles, including production support.
- Strong hands-on expertise with GCP (preferred) or another major public cloud (AWS, Azure).
- Deep experience managing infrastructure via Terraform or similar IaC tools.
- Demonstrated knowledge of container orchestration and Kubernetes security best practices.
- Experience securing CI/CD pipelines using tools like GitHub Actions, Jenkins or GitLab CI.
- Strong familiarity with application and dependency scanning tools (e.g., Snyk, Trivy, Dependabot).
- Proficiency in Python, Go or Bash scripting for automation and tooling.
- Experience implementing Zero Trust, network segmentation and service identity-based access controls.
- Hands-on knowledge of monitoring and observability platforms (e.g., Datadog, Prometheus, Grafana).Understanding of security compliance frameworks (HIPAA, HITRUST, NIST 800-53).
Preferred:
- Experience in GCP-native security services (Cloud Armor, SCC, IAM Analyzer, Cloud KMS).
- Familiarity with automated compliance and policy-as-code (e.g., OPA, Conftest, Checkov)
- .Exposure to incident detection and response tools, including Cloud IDS and SIEM platforms.
- Background in healthcare or other regulated data environments.
Vida is proud to be an Equal Employment Opportunity and Affirmative Action employer.
Diversity is more than a commitment at Vida—it is the foundation of what we do. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, religion, gender, gender identity or expression, sexual orientation, marital status, national origin, genetics, disability, age, or Veteran status. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.
We seek to recruit, develop and retain the most talented people from a diverse candidate pool. We don’t just accept differences — we celebrate them, we support them, and we thrive on them for the benefit of our employees, our platform and those we serve. Vida is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures.
We do not accept unsolicited assistance from any headhunters or recruitment firms for any of our job openings. All resumes or profiles submitted by search firms to any employee at Vida in any form without a valid, signed search agreement in place for the specific position will be deemed the sole property of Vida. No fee will be paid in the event the candidate is hired by Vida as a result of the unsolicited referral.
#LI-remote
Top Skills
Bash
Datadog
GCP
Github Actions
Go
Prometheus
Python
Terraform
Similar Jobs
Computer Vision • Software
Lead the design and automation of secure delivery pipelines for federal health systems, ensuring scalability, compliance, and resiliency.
Top Skills:
.NetArmAWSAzureAzure DevopsAzure MonitorBashBicepDatadogDockerDynamics 365DynatraceFedrampGithub ActionsJenkinsKubernetesNistPowershellPythonTerraform
Information Technology • Security • Business Intelligence • Consulting
The Senior DevSecOps Engineer will drive automation strategies, manage configuration solutions, and ensure compliance within a secure AWS GovCloud environment to support the DLA API Gateway Program.
Top Skills:
AnsibleAws GovcloudCloudFormationCloudwatchDockerGitJenkinsKubernetesSplunkTerraform
Information Technology • Consulting • Defense
The Senior DevSecOps Engineer will support DOD/AF customers by designing Kubernetes-native solutions, building CI/CD pipelines, and ensuring compliance with DoD directives.
Top Skills:
AWSBashCi/CdElasticFluentbitGitlabGrafanaJenkinsKibanaKubernetesOpentelemetryPrometheusPythonTerraformTerragrunt
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
