Manager, DevSecOps

The Manager, DevSecOps is responsible for leading the DevSecOps function and driving the adoption of secure, scalable, and efficient software delivery practices across the organization. This role will manage a team of DevSecOps engineers and work closely with Engineering, Security, Infrastructure, SRE, and Product teams to embed security, automation, and operational excellence throughout the software development lifecycle.

This leader will play a key role in advancing CI/CD maturity, strengthening cloud security and compliance, improving developer experience, and enabling platform engineering capabilities that support standardization, self-service, and faster delivery.

Key Responsibilities

Team Leadership and Management

• Lead, mentor, and develop a team of DevSecOps engineers.
• Set team priorities, assign work, and ensure accountability for deliverables and outcomes.
• Build a high-performing team culture focused on ownership, collaboration, continuous improvement, and execution excellence.
• Support hiring, onboarding, coaching, and performance management for the DevSecOps team.

 

DevSecOps Strategy and Execution

• Drive the implementation and continuous improvement of DevSecOps practices across the organization.
• Lead efforts to design, standardize, and support secure CI/CD pipelines, release automation, and deployment frameworks.
• Promote shift-left security by integrating security controls and compliance checks into the software development lifecycle.
• Establish and maintain standards for infrastructure as code, automation, and secure delivery practices.

 

Cloud Security, Governance, and Compliance

• Partner with Security and Cloud teams to implement cloud security guardrails, policy enforcement, and compliance controls.
• Help ensure alignment with regulatory and compliance requirements, including healthcare and enterprise security standards where applicable.
• Oversee remediation of security findings related to infrastructure, CI/CD, containers, and cloud platforms.
• Drive security awareness and secure engineering practices across teams.

 

Observability, Reliability, and Operational Excellence

• Collaborate with SRE and Infrastructure teams to improve observability, monitoring, alerting, and operational readiness.
• Support the use of logs, metrics, traces, and dashboards to improve service visibility and reduce operational risk.
• Ensure DevSecOps practices support reliability goals, incident response readiness, and operational maturity.

 

Platform Engineering and Developer Experience

• Support platform engineering initiatives that improve developer productivity and self-service capabilities.
• Contribute to the development of internal developer platforms and standardized tooling that simplify infrastructure and application delivery.
• Drive improvements in developer experience by reducing friction in provisioning, deployment, and operational workflows.
• Promote the use of tools and frameworks such as Backstage, Crossplane, and GitOps-based models where appropriate.

 

Cost Optimization and Efficiency

• Partner with Cloud and Finance stakeholders to promote cost-aware engineering practices and cloud optimization.
• Identify opportunities to improve resource utilization, standardization, and automation to reduce unnecessary spend.
• Support governance processes that align engineering velocity with operational and financial discipline.

 

Cross-Functional Partnership

• Work closely with Engineering, Product, Security, Infrastructure, SRE, and leadership teams to align priorities and execution.
• Communicate plans, progress, risks, and dependencies clearly to both technical and non-technical stakeholders.
• Serve as a trusted partner in driving enterprise-wide DevSecOps and platform engineering initiatives.

 

Required Qualifications

• Bachelor’s degree in computer science, Engineering, Information Technology, or a related field; equivalent experience may be considered.
• 10+ years of experience in DevOps, DevSecOps, Cloud Engineering, Site Reliability Engineering, or related disciplines.
• 3+ years of experience leading or managing technical teams in DevOps, DevSecOps, Platform Engineering, or Infrastructure.
• Strong experience with CI/CD tools and practices, including pipeline automation and release management.
• Hands-on experience with cloud platforms, preferably AWS, including infrastructure, security, and automation services.
• Strong knowledge of Infrastructure as Code tools such as Terraform, CloudFormation, Pulumi, or similar technologies.
• Experience with containers and orchestration platforms such as Docker and Kubernetes.
• Solid understanding of application and cloud security practices, including SAST, SCA, secrets management, container security, and policy enforcement.
• Experience working with observability and monitoring platforms such as New Relic, Prometheus, Grafana, OpenTelemetry, or CloudWatch.
• Strong communication, leadership, and stakeholder management skills.

Preferred Qualifications

• Experience in healthcare, regulated industries, or enterprise SaaS environments.
• Exposure to platform engineering and Internal Developer Platform concepts.
• Experience with tools such as Backstage, Crossplane, ArgoCD, GitHub Actions, Jenkins, SonarQube, Artifactory, or similar platforms.
• Familiarity with FinOps practices and cloud cost governance.
• Knowledge of DORA metrics and engineering performance measurement.
• Experience with database or data platform environments such as MongoDB, Elasticsearch, SQL Server, or Oracle.
• Relevant certifications such as AWS Solutions Architect, AWS Security Specialty, CKA, CKAD, or FinOps certifications.

Estimated Salary: $128,000 - $170,000 plus bonus

 

The base salary range represents the anticipated low and high end of the GHX’s salary range for this position. The base salary is one component of GHX’s total compensation package for employees. Other rewards and benefits include: health, vision, and dental insurance, accident and life insurance, 401k matching, paid-time off, and education reimbursement, to name a few. To view more details of our benefits, visit us here: https://www.ghx.com/about/careers/

  #LI-SR

 

GHX: It's the way you do business in healthcare
Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.

GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.

It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe.

Disclaimer
Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, “GHX”) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX’s employees to perform their expected job duties is absolutely not tolerated.

Read our GHX Privacy Policy