Jobs · Engineering · Colorado

Principal DevSecOps Engineer

Medical Engineering Consultants (MEC) · Colorado, United States · 4 days ago
EngineeringFull-time

Key Responsibilities

  • Define and own DevSecOps architecture, roadmap, and platform security strategy
  • Develop and maintain CI/CD pipelines, build infrastructure, and automation frameworks
  • Implement secure embedded Linux platforms (Yocto, BSPs, drivers, OS components)
  • Establish software supply chain controls including SBOM, SOUP/OTS tracking, and vulnerability monitoring
  • Implement security controls such as secure boot, firmware signing, and authenticated updates
  • Lead threat modeling, cybersecurity risk analysis, and vulnerability management activities
  • Support CVE monitoring, triage, remediation, and reporting processes
  • Define and implement runtime monitoring and post-market cybersecurity workflows
  • Ensure traceable, audit-ready development and release evidence for regulatory compliance
  • Collaborate cross-functionally with software, systems, quality, regulatory, and security teams
  • Provide technical leadership and mentorship across engineering teams

Qualifications

  • 7+ years of experience in embedded software, DevOps, or cybersecurity engineering
  • Strong experience with embedded Linux platforms and Yocto-based systems
  • Experience developing DevSecOps practices in regulated or safety-critical environments
  • Knowledge of software lifecycle standards (IEC 62304, ISO 14971, ISO 13485)
  • Experience with CI/CD security automation (SAST, SCA, artifact signing, vulnerability scanning)
  • Strong background in threat modeling, risk analysis, and secure architecture design
  • Experience with containerization, build pipelines, and modern DevOps tooling
  • Strong debugging, problem-solving, and communication skills

Similar jobs

Principal DevSecOps Engineer

The Depository Trust & Clearing Corporation (DTCC)Tampa, FL· 2 wk ago
Engineeringapply on ebxr.fa.us2.oraclecloud.com