Security Centric DevSecOps Lead - Evinova
At Evinova, while we innovate to transform patient care through technology, we prioritize the security of our digital solutions to meet and exceed the exacting requirements of the healthcare industry. Transform billions of patients’ lives through technology, data and pioneering ways of working. We’re building a new type of health-tech business – Evinova, a fully-owned subsidiary of AstraZeneca Group.
Evinova delivers market-leading digital health solutions that are science-based, evidence-led and human experience-driven. Smart risks and quick decisions come together to accelerate innovation across the life sciences sector. Be part of a diverse team that pushes the boundaries of science by digitally empowering a deeper understanding of the patients we’re helping. Launch groundbreaking digital solutions that improve the patient experience and deliver better health outcomes. Together, we can combine deep scientific expertise with digital and artificial intelligence to serve the wider healthcare community and create new standards across the sector.
Our Cloud platform will play a crucial part in the success of Evinova as the foundation for our current and future digital products. As we begin our journey, we are seeking a dedicated and experienced security-centric DevSecOps Lead with a strong focus on integrating and automating key aspects of the engineering, security, and operational processes for the Cloud Platform. This role demands a strategic leader who not only excels in DevOps practices but also prioritizes and integrates security measures at every step, ensuring adherence to the highest security standards.
What will be your key responsibilities?
The DevSecOps Lead will be at the intersection of engineering, security, and operations within our platform and organization, responsible for implementing security and compliance policies and controls, while fostering innovation, collaboration, and scalability. This role requires collaborating closely with decentralized DevOps teams to create a robust and secure CI/CD pipeline and cloud platform, integrating security seamlessly into the software development and delivery lifecycle. The successful candidate should have a deep understanding of software engineering, be meticulous, and possess strong technical background. You will be expected to both lead a team and guide through experience, humility, and mentorship. You will help create strategies for DevSecOps best practices for a multi-tenant SaaS cloud platform and help foster collaboration between your team and other teams within Evinova to ensure an enjoyable, efficient, and productive workspace for everyone.
This position offers a unique opportunity to lead, innovate, and make a significant impact on our ability to meet customer needs, presenting an opportunity to join Evinova from the beginning, implementing a market-leading, foundational platform designed by industry, for industry. The ideal candidate for this role will possess a strong ability to drive innovation and demonstrate proven capabilities in challenging, negotiating, and influencing others. They should also excel in collaboration, relationship building, and have meticulous attention to detail to ensure data integrity, accuracy, and compliance. Additionally, the candidate must exhibit leadership skills, the ability to make pragmatic decisions, and stay calm under pressure, while actively identifying untapped opportunities and driving benefit realization.
Required Qualifications
High School diploma and 10+ years of proven experience or Bachelor’s Degree with 8+ years of proven experience
Strong leadership skills with a track record of leading and a managing high-performance DevSecOps team focused on cloud infrastructure
Strong knowledge of cloud platforms (e.g., AWS, Azure, GCP) and modern DevSecOps practices.
Experience with AWS WAF, AWS Shields, AWS Firewall Manager, AWS Cloudtrail, Prometheus
Understanding of regulatory requirements in the pharmaceutical industry, including compliance with FDA and international regulatory agencies.
Proficiency in security best practices, data protection, and encryption methods.
Experience with modern programming languages.
Excellent problem-solving, project management and communication skills to support engagement with customers and internal collaborators
Familiarity with technical concepts in infrastructure or applications.
Proficient in data security standards and regulatory compliance, particularly in the healthcare and clinical research industry.
Knowledge of industry good practice and standards such as ISO (multiple), GAMP GxP, ICH GCP, FDA 21 CFR, GDPR, CMMI, ITIL, GDPR.
Direct customer experience using in-scope products.
Desired Qualifications
Security certifications are preferred, for example: Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP)
In Office Statement
When we put unexpected teams in the same room, we unleash bold thinking with the power to inspire life-changing medicines. In-person working gives us the platform we need to connect, work at pace and challenge perceptions. That’s why we work, on average, a minimum of three days per week from the office. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and ambitious world. This role can be performed in Gaithersburg MD USA or Barcelona ES. This role does not support remote or alternative travel constructs.
Why Evinova and AstraZeneca?
Evinova draws on AstraZeneca’s deep experience developing novel therapeutics, informed by insights from thousands of patients and clinical researchers. Together, we can accelerate the delivery of life-changing medicines, improve the design and delivery of clinical trials for better patient experiences and outcomes, and think more holistically about patient care before, during, and after treatment. Interested? Come and join our journey.
AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorisation and employment eligibility verification requirements.
