Maxor is seeking an experienced DevSecOps Engineer to join our growing IT Security Team. The DevSecOps Engineer position at Maxor involves the forefront integration of security within development and operational processes. The role encompasses the design, implementation, and maintenance of secure automation solutions for continuous integration and continuous delivery (CI/CD), enhancing security posture and operational resilience. Collaboration with cross-functional teams ensures security embedding in every software development phase, from design to deployment, while adhering to regulatory compliance and best practices. Provides guidance and solutions to development teams for SSDLC operations including software composition analysis and vulnerability management.

Position Location

This is a remote-based position within the Continental US.

Our Company

Founded in 1926, Maxor is a leading, independent pharmacy solutions platform that improves prescription drug affordability and outcomes. Over time, Maxor has built a unique and complementary suite of services and technology offerings that deliver clinical, financial and strategic value to patients, payors and providers across the pharmacy supply chain. Maxor has a proud heritage of growth and innovation earned over the decades. Amarillo, Texas is the legacy headquarters for Maxor, but our talent base is national. We operate pharmacies and other business operation sites across the United States with more than 1100 employees working from 42 states.

Why Maxor?

Pharmacies are essential to healthcare, with nearly 90% of the US population living within 5 miles of one and seeing their pharmacist an average of 12 times a year. Providing a positive patient experience is crucial to ensuring patients adhere to their therapies.  At Maxor, we recognize that our employees are our most valuable assets. We actively seek and retain talented professionals who are mission-driven to improve healthcare outcomes for patients. Our employees are essential to their own well-being, finding fulfillment in meaningful work, competitive compensation, diverse and inclusive teams, and limitless career possibilities.  With a workforce of 1,000+ and almost a century of pharmacy experience, we offer the stability of a Fortune 500 company and the energy and innovation of a startup. Our expertise and technology support the entire pharmacy ecosystem, but our impact goes beyond pharmacy services. We enable pharmacy care.

1. Develop and implement secure automation strategies for CI/CD pipelines.
2. Collaborate with development and operations teams to integrate security measures into the DevOps practices.
3. Conduct security risk assessments and vulnerability testing at various stages of software development.
4. Develop and enforce security best practices and policies across the organization.
5. Automate security controls and compliance validation processes.
6. Monitor and respond to security incidents, providing post-mortem analysis and implementing preventive measures.
7. Stay updated with the latest security threats, technologies, and practices, and advise on security enhancements.
8. Facilitate security training and awareness programs for development and operations teams.
9. Keeps abreast of the latest intelligence from law enforcement and other sources of cyber threat information.
10. Work is generally independent and collaborative in nature.
11. Contributes to moderately complex aspects of a project.

Education:                             

• Bachelor’s degree in Computer Information Systems, Computer Science Business Management, or similar discipline from an accredited college or university preferred.
• Certification in Azure DevOps or equivalent with relevant security certifications such as CISSP, CSSLP, or equivalent preferred.

Experience:                           

• 3-5 years of directly related experience.

Knowledge, Skills, and Abilities:

1. Strong understanding of CI/CD tools (e.g., Jenkins, GitLab CI, Travis CI) and infrastructure as code (IaC) tools (e.g., Terraform, Ansible).
2. Proficiency in scripting languages (e.g., Python, Bash).
3. Solid understanding of cloud environments (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes).
4. In-depth knowledge of application security principles, threat modeling, and secure coding practices.
5. Experience with security tools and frameworks (e.g., OWASP ZAP, SonarQube, BurpeSuite).
6. Familiarity with regulatory standards and compliance requirements (e.g., GDPR, HIPAA, SOC 2).
7. In-depth understanding of DevSecOps principles with a proven track record of integrating security into the SDLC
8. Excellent problem-solving skills and the ability to work in a fast-paced, dynamic environment.
9. Strong communication and collaboration skills.
10. Strong interpersonal and communication skills and the ability to work effectively with a wide range of personnel.
11. Experience with role based access control (AD, ADFS, SAML) (e.g. Azure, Ping Identity, Okta, etc.)
12. Knowledge of cloud security design and architecture preferred.
13. Knowledge of current technological developments/trends in area of expertise.
14. Knowledge of computer security system applications, procedures and techniques.
15. Ability to communicate technical information to non-technical personnel.
16. Ability to plan, develop, and coordinate multiple projects.
17. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.

WE OFFER

At Maxor, we foster a diverse and progressive culture that promotes a work-from-home model and a "dress-for-your-day" approach to work attire. Our team-oriented environment encourages collaboration and innovation.  

We offer highly competitive compensation and comprehensive health benefits including:

• Comprehensive mental health and wellbeing resources
• Nationwide Blue Cross Blue Shield PPO with employee-friendly plan design, including a $850 individual annual medical deductible and $25 office visit copays, with low biweekly premiums
• Company-paid basic life/AD&D, short-term and long-term disability insurance
• Rx, dental, vision, other voluntary benefits, and FSA
• Employer-matched 401k Plan
• Industry-leading PTO plan
• And more!

Apply today at: https://www.maxor.com/careers/     

Maxor is an EOE, including disability/vets