DevOps Engineer

Job summary

Pillway is seeking an exceptional DevOps Engineer to own the security roadmap for a hyper-growth healthcare platform. This role involves embedding protection across code and infrastructure, ensuring the cloud ecosystem is hardened against threats, and maintaining compliance with PHIPA, PIPEDA, and SOC 2. The ideal candidate will have a passion for cloud security, CI/CD automation, and enabling secure development in a fast-paced environment.

Benefits

Qualifications

• Four or more years of experience in DevOps or security engineering, with at least two years in a DevOps-focused role.
• Bachelor's degree in Computer Science, Engineering, or equivalent practical experience.
• Demonstrated hands-on experience with Azure services, security policies, and monitoring tools.
• Strong proficiency in at least one IaC tool, such as Terraform or AKS.
• Working knowledge of NIST, CIS Benchmarks, and OWASP.
• Experience with Docker, Kubernetes, and modern CI/CD tooling.
• Strong written and verbal communication skills, with the ability to collaborate effectively.
• AZ-500, CISSP, CISM, or DevOps-focused certifications.
• Experience in regulated healthcare environments (PHIPA, PIPEDA, SOC 2).
• Hands-on experience with secrets management platforms such as HashiCorp Vault or Azure Key Vault.
• Familiarity with generative AI security principles and emerging automation tools.

Responsibilities

• Own Azure end-to-end, including networking, VMs, databases, backups, and disaster recovery.
• Build and maintain infrastructure as code using Terraform and Azure Kubernetes Cluster.
• Plan and execute upgrades, patching, and capacity planning.
• Support hybrid cloud and on-premises networking.
• Design and maintain secure CI/CD pipelines using Azure DevOps or similar tooling.
• Integrate SAST, DAST, dependency scanning, and secrets detection into the build process.
• Manage container and orchestration tooling, including Docker and Kubernetes.
• Own monitoring and incident response across the platform.
• Triage and respond to alerts from SIEM, IDS/IPS, and MDR systems.
• Lead investigations, remediation, and post-incident reviews.
• Operate the vulnerability management program, including scanning, prioritization, remediation, and reporting.
• Lead annual penetration tests and ensure findings are resolved within agreed SLAs.
• Own IAM, Azure RBAC, and least-privilege enforcement.
• Manage keys, secrets, certificates, and rotation policies.
• Maintain security and compliance posture for PHIPA, PIPEDA, and SOC 2.
• Support internal and external audits.
• Drive continuous compliance through automation and monitoring.

Skills

Certifications

Degrees

Industry

Relocation