At Fuze Health, we put patients first and tirelessly address the most pressing needs in healthcare. We empower millions to digitally connect with care providers, essential health resources and needed treatments – and enable care providers, employers, health plans and life sciences companies to meaningfully enhance quality, outcomes and value. We are dedicated to helping our partners evolve and modernize to meet emerging patient and marketplace needs.

Fuze Health’s foundation is built upon the strategic combination of several proven, technology-powered innovators in the digital health, diagnostics, and pharmacy sectors. Our growing portfolio brings together the capabilities of industry leaders including LetsGetChecked, Truepill, and Alto Pharmacy, to create a distinctive, unified force in healthcare. Together, we have the shared vision, advanced capabilities and talented teams to deliver next-generation solutions that patients and healthcare partners need today and into the future.





Job Description
Alto Pharmacy (Fuze Health) is seeking a Staff DevSecOps Engineer to join our Engineering organization. As a full-service pharmacy operating nationally across mail-order and physical pharmacy locations, we build and operate highly reliable, secure, and compliant systems that directly impact patient health and safety.
In this role, you will operate as a senior technical leader responsible for embedding security deeply into our engineering lifecycle. You will define DevSecOps strategy, elevate our cloud and application security posture, and partner cross-functionally to ensure Alto’s platform is secure, scalable, compliant, and resilient as we grow nationwide.
This is a hands-on technical leadership role for someone who thrives in complex, regulated environments and wants to shape security architecture at scale.

Job Description
 

Key Responsibilities

Technical Strategy & Architecture

• Define and lead the DevSecOps vision and roadmap across infrastructure, application, and CI/CD ecosystems.

• Architect secure-by-design cloud-native systems across AWS/GCP environments.

• Establish security patterns, guardrails, and reference architectures for engineering teams.

• Evaluate and implement modern security tooling across SAST, DAST, SCA, container scanning, IaC scanning, and runtime protection.

Secure SDLC & Automation

• Embed security controls into CI/CD pipelines and developer workflows.

• Drive infrastructure-as-code security best practices (Terraform, CloudFormation, etc.).

• Automate security testing and compliance checks to reduce manual overhead.

• Implement policy-as-code and automated governance controls.

Cloud & Infrastructure Security

• Lead identity and access management (IAM) strategy and least-privilege enforcement.

• Strengthen container and Kubernetes security posture.

• Oversee secrets management, encryption standards, and key management processes.

• Partner with infrastructure teams on network segmentation, zero-trust architectures, and environment isolation.
   

Risk, Compliance & Incident Response

• Support and mature Alto’s security program in alignment with HIPAA, SOC 2, HITRUST, and other healthcare regulatory frameworks.

• Conduct threat modeling, security design reviews, and architecture risk assessments.

• Partner with Security and Compliance teams on audits and remediation efforts.

• Provide senior-level leadership during security incidents, including root cause analysis and long-term mitigation planning.

Technical Leadership

• Mentor senior and mid-level engineers on secure coding and DevSecOps practices.

• Influence engineering leadership and executive stakeholders on security strategy and risk prioritization.

• Drive cross-functional alignment across Engineering, Product, IT, and Compliance.

• Raise the overall security maturity of the organization through scalable frameworks and standards.

Required Experience & Qualifications

Minimum Qualifications:

• 14+ years of experience in software engineering, infrastructure engineering, or security engineering, with significant experience in DevSecOps environments.

• Deep expertise in cloud security architecture (AWS and/or GCP).

• Strong experience securing containerized and Kubernetes-based environments.

• Hands-on experience with CI/CD systems (GitHub Actions, GitLab CI, CircleCI, Jenkins, etc.).

• Expertise in infrastructure-as-code (Terraform, CloudFormation) and securing IaC pipelines.

• Strong knowledge of application security principles, OWASP Top 10, and secure coding practices.

• Experience implementing and scaling SAST, DAST, SCA, container scanning, and secrets detection tools.

• Deep understanding of IAM, RBAC, zero-trust models, and encryption best practices.

• Experience operating in regulated environments (HIPAA, SOC 2, HITRUST, PCI, etc.).

• Strong scripting or programming skills (Python, Go, Ruby, or similar).

• Demonstrated ability to influence architectural decisions at a Staff or Principal level.

Preferred Qualifications: 

• Experience in healthcare, pharmacy, fintech, or other highly regulated industries.

• Experience building DevSecOps programs from early-stage to scale.

• Background in site reliability engineering (SRE) or platform engineering.

• Security certifications such as CISSP, CISM, CCSP, or cloud security certifications (AWS/GCP).

• Experience implementing threat modeling frameworks (STRIDE, PASTA, etc.).

• Experience with observability platforms and integrating security telemetry into monitoring systems.

Additional Information
 

Additional Physical Job Requirements

Physical requirements for this role include the ability to work at a computer terminal with monitor, keyboard and mouse for extended periods of time, stoop, bend, and reach for equipment and supplies, make frequent repetitive motions required to operate a computer that include the wrists, hands and fingers, and lift, carry, push, pull, and move light objects up to 20 pounds. The role also requires the ability to effectively communicate through verbal interactions, discern auditory information, and visually perceive details to perform essential job functions.

Consistent with the Americans with Disabilities Act (ADA) and similar applicable state laws, it is Fuze Health’s policy to provide reasonable accommodation to enable qualified individuals with disabilities to perform essential job functions, unless such accommodation would cause an undue hardship.

Salary and Benefits 

Salary Range: $166,00 - $200,000

Commission Eligible: No

Travel: No - Required up to 0% of the time  

Location Requirement: Alto is limited to individuals residing in the following states: Arizona, Arkansas, California, Colorado, Florida, Kansas, Maryland, Missouri, Nevada, New Jersey, New York, North Carolina, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Washington (WA), and Wisconsin.

Employment Authorization Requirement: Applicants must be authorized to work for any employer in the U.S. 

Benefits: Full-time employee benefits include: dental, vision, and multiple group medical plans to choose from, a 401(k) retirement savings plan, group life insurance, accidental death and dismemberment (AD&D) insurance, flexible spending account (FSA) and health savings account (HSA), commuter benefits, employer-paid short-term (STD) and long-term disability (LTD) insurance, and additional supplemental insurance plans (spouse life insurance, legal insurance, an employee assistance program, home health testing kits, and a fertility medication discount program). Employees are also provided flexible vacation time, accrued paid sick time, 10 paid holidays, (2 floating holidays for full time non-exempt employees) , and eight weeks of paid parental leave for eligible employees, additional paid weeks for the birthing parent, 4 weeks paid caregiver leave, and a Lifestyle Spending Account allowance each month.

More Benefits Information Here: Fuze Health Benefits Site 

 

Application deadline: March 15, 2026

#LI-Remote 

Fuze Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, gender identity, sexual orientation, age, disability, veteran status, or any other legally protected basis. If you have a disability and require reasonable accommodation during any portion of the application or hiring process, please contact us at talent@fuzehealth.com.

Fuze Health considers qualified applicants with arrest or conviction records for employment and conducts background checks consistent with applicable law, including the California, Los Angeles County, San Francisco, Philadelphia, and New York City Fair Chance laws. We are an E-Verify participating company.

Fuze Health recruiters and hiring managers may use automated decision-making tools to assist with identifying candidates who match the stated job requirements, and to what extent. These tools are designed to help ensure fairness in all aspects of the hiring process by providing recruiters and hiring managers with data-backed insights based on information provided in your resume, including work experience, education, and other skills. If you have any questions or would like to request an alternative process, please contact us at talent@fuzehealth.com. To learn about Fuze Health’s privacy practices including compliance with applicable privacy laws, please click here.