Senior DevOps and Security Engineer

Full-Time/Hybrid

careMESH is an agile, early-stage company at a critical inflection point. We are looking for a Cloud Infrastructure expert to take full ownership of our Google Cloud Platform (GCP) environment. As our first dedicated DevOps/Security hire, you will bridge the gap between development and operations, ensuring our infrastructure is scalable, cost-efficient, and—most importantly—hardened against threats.

Your mission is to build a "secure by default" culture while automating everything from deployment pipelines to compliance auditing.

Core Responsibilities

Infrastructure as Code (IaC) & Automation

  • Architect and maintain our GCP production and staging environments (using Terraform).

  • Eliminate manual configuration to ensure all infrastructure is version-controlled and reproducible.

  • Optimize CI/CD pipelines (GitHub Actions) to ensure safe, zero-downtime deployments.

  • Set up and maintain secure connections with customers (i.e., VPN, SMTP, and EHR connections)

Security & Compliance Enforcement

  • Implement and manage Identity and Access Management (IAM) using the principle of least privilege.

  • Lead the technical requirements for security certifications (mainly HITRUST, but also SOC2 Type II, ISO 27001, or HIPAA).

  • Manage secrets using Google Secret Manager.

  • Conduct regular vulnerability scanning, log analysis (Cloud Logging/Monitoring), and incident response drills.

Reliability & Performance

  • Manage containerized workloads via Google Kubernetes Engine (GKE).

  • Establish "Golden Signals" for monitoring: Latency, Traffic, Errors, and Saturation.

  • Implement automated backup and disaster recovery (DR) protocols.

Cost Governance

  • Monitor cloud spend and implement cost-saving measures (e.g., Committed Use Discounts, Preemptible VMs, and rightsizing).

Experience & Startup DNA

We are a lean team where everyone "gets their hands dirty." We understand that no one has every skill, but a combination of the following, developed over at least a 10-year career, is essential:

  • Startup Agility: You enjoy wearing multiple hats and can prioritize tasks in a fast-paced environment.

  • Communication: You can explain complex security risks to non-technical stakeholders.

  • EHR Fluency: Direct experience with Epic, Oracle Health (Cerner), or Meditech (e.g., App Market integrations, HL7/FHIR workflows).

  • Interoperability Mastery: A working-level knowledge of healthcare standards (HL7 v2, FHIR, CCDS/CCDA) is desired.

  • Certification: Professional Cloud Architect or Professional Cloud Security Engineer.

Technical Qualifications

  • GCP Mastery: Deep experience with VPCs, GKE, Cloud SQL, Firebase, Cloud Storage.

  • IaC Expert: Professional experience with Terraform is a must.

  • Security Mindset: Strong understanding of network security (WAF, Cloud Armor), encryption at rest/transit, and compliance frameworks.

  • Linux/Containers: Advanced knowledge of Linux administration and Docker/Kubernetes orchestration.

  • Scripting: Proficiency in Bash for automating operational tasks.

Location & Logistics

Remote/Hybrid: careMESH is a 100% remote organization. However, we meet regularly in our Reston, VA office for strategy and collaboration.

Requirement: Candidates must live in the Washington DC/Maryland/Virginia area or the Eastern Time Zone and be able to travel to Reston every quarter.

Benefits

  • Competitive salary

  • Remote-first culture

  • Comprehensive benefits (Health, 401k).

To apply, please send your resume and cover letter here.