Sr. DevSecOps Engineer

About Us

InStride Health’s mission is to deliver specialty anxiety and OCD care that works for every kid, teen, young adult, and family who needs it. Through this mission, we are expanding access to insurance-based care, increasing engagement in treatment, and improving treatment outcomes. We are doing this by combining research-backed clinical care and innovative technology to eliminate the major problems with care today: difficulty finding providers, months of waiting to be seen, arduous onboarding processes, and inconsistent use of evidence-based therapies and outcomes tracking. Our vision is to become the nation’s most trusted provider of pediatric anxiety and OCD care.

Team InStride Health: Our Core Values

• Give Heart: We lead with heart, treating patients and their families the way we want our loved ones to be treated. 
• Work Smart: We find smarter ways to solve hard problems and fix the broken mental health system by leveraging technology, diversity of thought, and innovation.
• Have Humility: We leave our egos at the door, empowering our team to collaborate, celebrate diversity, and adopt a growth mindset.
• Embrace Community: We all belong. We are in this together, and we never worry alone. We believe in each other and recognize that every voice matters.

About the Role

We are looking for a Senior DevSecOps engineer to drive the security and scalability of a rapidly growing healthcare company. In this role you will be supporting a remote workforce at national scale, with an eye towards strong multi-region resilience. This is a fully remote position, requiring the employee to be based in the US. 

Responsibilities:

• Overseeing day to day needs around cloud infrastructure as code to build maintainable, scalable systems, that are thoroughly tested, documented, and have proper metrics and monitoring
• Work closely with our internal data and architecture teams to help clarify stories and translate business needs into practical technology solutions
• Continuously improve and enhance infrastructure as code tooling and automation. 
• Ensure repositories are kept up to date and pipelines (Github Actions) are optimized. Drive the adoption of engineering best practices to keep developer velocity high as possible without sacrificing security.
• Support scoping, planning, and delivering initiatives involving client, platform, IT, and operational team deliverables
• Build and manage integrations between InStride and 3rd party systems
• Support security threat assessments, reviews, and mitigations
• Serve as a security advocate and escalation point for the entire organization, including assisting non-technical clinical staff with security concerns and best practices.
• Maintain and improve company wide HIPAA and SOC2 compliance via additional alerting, automation, and operational best practices, and testing 
• Perform regular roles base access control and user access reviews
• Regularly review access and infrastructure logs 
• Update and improve monitoring and observability
• Collaborate with third-party vendors, and external partners like contractors to oversee the deployment of cloud infrastructure, ensuring strict adherence to architectural standards and security best practices. 

Tech Stack

• Terraform
• HIPAA compliant AWS 
• Github Actions CI/CD
• Snowflake
• Flutter, Golang, React/Typescript

What You Need to Succeed in the Role

• 5+ years of experience writing, deploying, and maintaining Infrastructure as Code (IaC) for advanced web applications and services into staging and production environments in the cloud
• Collaborative mindset with an eye to supporting developer operations tooling via self service and documentation. 
• Strong communication skills
• Ability to work on a team of engineers, providing and receiving feedback in structured Pull Requests
• Mentor less-experienced engineers, review code, and teach the engineering group better practices
• Comfortable working at a startup which moves fast with tight deadlines
• Lead our support team to aid engineering and IT to diagnose production issues and fix them as quickly as possible
• You have a solid understanding of how to prioritize projects and make tradeoffs between nice-to-haves and must-haves
• You are comfortable learning on the job and working with unfamiliar tools
• Familiarity with our tech stack is a plus
• HIPAA/SOC2 compliant Machine Learning and AI (ML/AI) interest also a plus

The expected annual salary for this role is between $125,000-$150,000. Actual starting salary will be determined on an individualized basis and will be is based on several factors including but not limited to specific skill set, work experience, etc. 

Why Join Our Team

• Generous benefits package (401k with match, Flexible PTO, paid holidays, 4 week paid sabbatical, 12 week paid parental leave, health benefits starting on your first day, and more)
• Opportunity to join a mission-driven company that is changing the landscape of pediatric mental health treatment
• Chance to make a far-reaching impact by helping children and families access desperately-needed, evidence-based care
• Opportunity to work with talented and experienced team members who have devoted their lives to solving this problem
• Fully virtual: work from the comfort of your home with periodic in-person retreats

Commitment to Diversity, Equity, Inclusion, & Belonging (DEIB)

We want to make our clinical services available for everyone, no matter where you come from, what you look like, or how you identify. To achieve this, we recognize we must continually make progress in building a more diverse, equitable, and inclusive team. Through these efforts, we support two primary objectives at InStride Health:

1. Providing high quality patient care to families. We are in a privileged position to support families during a vulnerable time in their lives. We approach all families and each other with compassion and are most effective as a diverse team where all individuals feel valued, respected, and accepted.
2. Building a mission-driven business that lasts. Specifically, we believe our commitment to a supportive culture improves innovation, decision-making, and efficiency.

We invite you to share any additional information about yourself or your experiences that may not be reflected in your CV. Inclusion of this information is completely voluntary.

Beware of fake job postings and offers. All official communications from InStride Health will come from email addresses ending in @instride.health. We will never ask for personal information such as Social Security numbers or bank details during the application process. If you receive a suspicious job offer or communication, please contact our recruitment team directly (talent@instride.health) to verify its authenticity.