DevOps Engineer
Vytalize Health
Job details
ABOUT THE ROLE
A Vytalize Health DevOps Engineer is a builder, a problem-solver, and a force-multiplier for everyone around them. You'll own infrastructure-as-code with Terraform, stand up AI agents in AgentCore, and create the reliable systems our data and application platforms depend on. You'll thrive on our small, growing, and friendly team that ships fast and supports each other. This is your chance to help shape a leading technology company in the healthcare industry.
KEY RESPONSIBILITIES:
AI & Governance
Support AI/ML platform enablement with AgentCore infrastructure, governance controls, and access patterns
Implement infrastructure for AI-powered operational tools (e.g., self-healing systems, security vulnerability remediation agents)
Infrastructure & Cloud Engineering
Design, provision, and operate AWS infrastructure with infrastructure as code (Terraform), including reusable modules and environment-specific configurations
Configure and harden core AWS networking and security constructs, including VPCs, subnets, routing, NACLs, security groups, IAM roles and policies, KMS keys, and parameter and secret management
Implement and operate containerized services with Docker and AWS ECS/Fargate, including image pipelines, task definitions, service autoscaling, and blue-green or rolling deployments
Deploy and maintain Kubernetes infrastructure (AWS EKS) for data and analytics workloads (e.g., OpenMetadata, data quality tools)
Build and maintain serverless services with AWS Lambda and API Gateway, including event-driven integrations with EventBridge and S3
Manage and operate Databricks infrastructure on AWS, including cluster configuration, workspace management, PrivateLink networking, and identity federation
Design and implement isolated development sandbox environments for secure data job executionMaintain accurate and up-to-date inventories of hardware, software, and cloud assets throughout their lifecycle from acquisition to decommissioning, ensuring assets are classified, assigned to owners, and tracked in approved systems
CI/CD & Deployment
Build, maintain, and optimize CI/CD pipelines in GitHub Actions for infrastructure (Terraform workflows),applications (container, serverless, and data jobs) and agent deployments
Adhere to the Change Management policy, including documenting, reviewing, and obtaining approval for all normal and emergency changes prior to deployment
Contribute code reviews and implementation across multiple languages (Python, TypeScript, Go, Terraform/HCL), upholding secure coding and operational best practices
Monitoring, Reliability & Incident Response
Implement comprehensive monitoring, logging, and alerting in CloudWatch (metrics, logs, dashboards, alarms) and integrate alerts with incident channels
Participate in production support including on-call responsibilities as needed, and drive post-incident reviews and reliability improvements
Support Vytalize disaster recovery and business continuity objectives, including adherence to documented backup and recovery procedures, ensuring backups are encrypted, stored securely, and retained according to policy
Documentation & Operational Standards
Document architecture, runbooks, and standard operating procedures for build, release, disaster recovery, and incident response
Contribute code reviews and implementation across multiple languages (Python, TypeScript, Go, Terraform/HCL), upholding secure coding and operational best practices
Security & Compliance
Coordinate with the Information Security team to securely configure and maintain applications with secure authentication mechanisms, role-based access, and support for access reviews in accordance with the Identity Management Authentication and Access Control and Data and Platform Security policies
Adhere to the Change Management policy, which includes documenting, reviewing, and obtaining approval for all normal and emergency changes prior to deployment; submit a change request, ensure an information security impact assessment is completed, coordinate pre-implementation activities, and ensure approvals are in place prior to implementation
Maintain accountability for secure software development practices, including secure coding standards, vulnerability scanning, and remediation prior to production deployment
Apply hardening standard configurations in conjunction with Information Security and ensure vulnerabilities are remediated in accordance with the Vulnerability Management policy
Ensure firewall configurations align with Data and Platform policy, including documentation with justifications for all rule changes, removal of obsolete rules, and participation in Information Security firewall rule reviews
Support Vytalize disaster recovery and business continuity objectives, including adherence to documented backup and recovery procedures, ensuring backups are encrypted, stored securely, and retained according to Vytalize policies
Maintain accurate and up-to-date inventories of hardware, software, and cloud assets throughout their lifecycle from acquisition to decommissioning, ensuring assets are classified, assigned to owners, tracked in approved systems, and aligned with Information Security policies
REQUIRED QUALIFICATIONS
The following qualifications are required to perform this role.
Education
Bachelor's degree in Computer Science, Information Systems, Engineering, or equivalent practical experience
Experience
4+ years of hands-on DevOps, Site Reliability, Platform Engineering, or Cloud Engineering experience in production AWS environments
Demonstrated experience owning Terraform-based infrastructure in production, including modules and AWS provider v5/v6
Proven experience building and operating CI/CD pipelines in GitHub Actions for both infrastructure and applications
Experience deploying and supporting containerized workloads with Docker and AWS ECS/Fargate, and serverless services with Lambda and API Gateway
Experience implementing monitoring, logging, and alerting with CloudWatch
Experience building or operating infrastructure for AI/ML workloads
Skills & Competencies
Strong hands-on experience with AWS: VPC, subnets, routing, NACLs, Security Groups, IAM, EC2, ECS/Fargate, S3, EventBridge
Terraform expertise for production infrastructure, including module design and management, AWS provider v5/v6, state management, and code review
CI/CD proficiency with GitHub Actions workflows for plan/apply, build/test, artifact and image pipelines, and environment promotion strategies
Monitoring and alerting with CloudWatch: dashboards, metrics, logs, alarms, log insights, and integration with incident channels
Docker image authoring and hardening, ECS task and service configuration, and deployment strategies
Event-driven architectures using Lambda, API Gateway, and EventBridge
Strong understanding of cloud security fundamentals including least privilege, encryption, secret management, network segmentation, and cost governance
Clear communication, collaborative problem solving, and bias for automation with high standards for documentation and reliability
PREFERRED QUALIFICATIONS
The following qualifications are preferred but not required.
Exposure to AI agent frameworks or LLM-based tooling (e.g., AWS Bedrock/AgentCore, LangChain, or similar) is a big plus
Experience with compliance automation tooling and SOC2 evidence collection
Experience with data quality and observability platforms
Knowledge of data anonymization and privacy-preserving infrastructure patterns
Experience with AWS EKS / Kubernetes deployment and operations
Databricks experience (clusters, jobs, permissions, metastores) and integration with cloud networking and identity
Streaming and data pipeline experience with Kinesis, EventBridge Scheduler, or equivalent managed services
Federated identity and access management: OIDC, SAML, Entra ID, Cognito, and workload identity federation for CI/CD
Compliance automation and evidence tooling that supports SOC 2 controls in cloud environments
On-call experience and comfort with incident response, including runbook creation and post-incident analysis
Experience with policy-as-code and guardrails (e.g., SCPs, IAM boundaries, OPA/Conftest)
Familiarity with secrets management and parameterization (AWS Secrets Manager, SSM Parameter Store)
Exposure to cost optimization, tag policies, and FinOps practices