Devsecops Engineer (Medtech)

TL;DR

DevSecOps Engineer (Medtech): Enhancing and streamlining CI/CD workflows and optimizing AWS infrastructure for a company focused on medical software with an accent on security compliance monitoring and vulnerability management. Focus on securing cloud infrastructure using cutting-edge technologies and ensuring adherence to SOC 2 and ISO 27001 standards.

Location: Vienna, Austria. Ideally located in Vienna or able to relocate quickly. Unfortunately, we are unable to support non-EU citizens for the position at this time.

Salary: Starting from 100,000 EUR gross base salary + performance-based bonus and equity options.

Company

hirify.global is saving and improving lives by making medical software safe and reliable.

What you will do

• Maintain SOC 2 and ISO 27001 certifications and other relevant standards, ensuring successful completion of all related audits.
• Respond effectively to IT/security questionnaires from current and potential customers.
• Deliver an efficient and high-performing CI/CD build process.
• Implement and uphold security best practices across systems and workflows.
• Address vulnerabilities and manage security incidents to minimize risk promptly.
• Maintain and continually enhance the performance, reliability, and scalability of server infrastructure.

Requirements

• A minimum of 5 years of professional experience in the DevSecOps or related engineering fields (e.g., DevOps & compliance field).
• Proficiency in configuring and maintaining AWS infrastructure such as EC2, VPC, EKS, IAM, RDS.
• Experience with CI/CD tools such as GitHub Actions, Jenkins, CircleCI, or similar platforms.
• Expertise in using IaC tools like CloudFormation or Terraform to automate and manage cloud environments.
• Ability to research, implement, and enforce security best practices for containers, container images, and Kubernetes (e.g., AWS EKS) across all development and deployment phases.
• Ability to work effectively with developers, sales teams, sales engineers, and client operations to address security questionnaires and related requirements.

Nice to have

• Hands-on involvement in audits such as SOC 2 and HIPAA, with a preference for candidates who have led audit processes.
• Previous experience managing and optimizing databases, particularly PostgreSQL, is a strong asset.
• Professional certifications such as CSSLP, CISSP, or CISA are considered as a plus.

Culture & Benefits

• Competitive compensation.
• Generous stock options possible.
• Work in an exciting field with a positive impact on the world.
• Opportunity to learn and grow as part of a global team.
• Generous PTO for full-time.