DevSecOps Engineer

Toronto, ON, Canada

Full Time

WellStar

Mid Level

Join us as we change healthcare for the better.

OceanMD, a WELLSTAR Company, is the leading provider of EMR-integrated Patient Engagement and eReferral tools in Canada, playing a critical role in millions of patient visits and thousands of referrals every week. Our digital healthcare solutions empower patients and physicians to overcome the barriers preventing the timely delivery of healthcare services. By replacing paper forms with digital tools, we give patients and providers secure ways to connect, share health information, and update patient records. Our tools:

Empower patients to share health information with their physician before, during, and after visits, helping to ensure health records are up to-date and accurate while improving patient care.
Meet the growing demand for digital solutions with online booking and secure messaging that improves the patient’s experience, reduces the need for unnecessary phone calls, and makes clinics more efficient.
Improve access to care by replacing faxes, displaying wait times, and reducing the time to process and access specialist referrals.

Who we need

Reporting to the Senior Director, Cloud Operations and Security, we are looking for a DevSecOps Engineer to join our cloud engineering and security-focused team. In this role, you will lead initiatives to embed security into every layer of our AWS environments and delivery pipelines, while also contributing to the day-to-day operations that ensure our platform remains stable, performant, and highly available.

You will play a critical role in designing secure infrastructure, implementing automation, and promoting security-first practices across the organisation. In addition, you will be actively engaged in supporting operations, infrastructure, and tooling, ensuring the resilience, scalability, and protection of our cloud-based SaaS platform that serves Canadian healthcare practitioners.

You will combine deep technical expertise and a proactive mindset to contribute to key platform areas such as:

AWS Cloud Security and Operations
Infrastructure as Code (Terraform, Ansible, Jenkins)
Secure Networking (VPC, firewalls, VPNs, IAM)
Security tools (CSPM, DSPM, ASPM, Vulnerability Management)
CI/CD Pipeline Security and Automation
Monitoring, Alerting, and Incident Response
Governance, Compliance, and Policy-as-Code

This is a full-time hybrid role working 3 days per week on site in our Toronto office.

What’s in it for you

Impact. You will directly build, optimize, and influence the security and reliability of a national healthcare platform, protecting sensitive patient data and ensuring practitioners have uninterrupted access to the tools they depend on.

Cutting-edge technology. You will work with the latest AWS services, DevSecOps tooling, and Infrastructure as Code practices, building automated pipelines that integrate security from the start. You will gain exposure to advanced cloud security frameworks, compliance automation, and modern observability tools.

Career growth. You will join a collaborative team that values accountability and integrity. As a senior member, you will have opportunities to lead critical cloud infrastructure and security projects, take ownership, and leverage AI tools. At OceanMD, your aspirations will be supported with access to education, certification and increased accountability in this individual contributor role.

How you will make an impact

Secure by design. You will implement security controls across AWS environments, Infrastructure as Code, and CI/CD pipelines, embedding best practices into daily operations.
Enable compliance. You will help maintain ISO 27001 and SOC 2 alignment, supporting audit readiness and implementing governance-as-code to enforce compliance.
Be proactive. You will improve monitoring and alerting systems to detect and mitigate risks before they impact customers. You will lead incident response efforts and post-mortems, driving a culture of continuous improvement.
Collaborate. You will partner with developers, Product, and operations to eliminate barriers, share knowledge, and foster a security-first culture across the organization.

What you bring

The experience. You have honed your expertise in DevSecOps, DevOps, Site Reliability, or Cloud Engineering, in progressively autonomous and complex roles. You have led or significantly contributed to cloud security initiatives. You have worked in a SaaS environment and ideally have exposure in healthcare technology.
The technical skills. You are an expert in AWS cloud services and security models. You are fluent in Infrastructure as Code (Terraform, Ansible, Jenkins) and have advanced experience with CI/CD, monitoring, networking and container security. You are familiar with tools such as SIEM, CSPM, DSPM, ASPM and IaC security scanners.
The collaborative approach. You are a strong communicator and mentor. You build trust across teams and excel at breaking down complex security concepts into actionable solutions.
The flexibility. You are available for a rotating 24/7 on-call schedule, and you thrive in dynamic environments where priorities can shift quickly.

What you can expect from our interview process:

A virtual interview with a Talent Advisor discussing your interest in the role and the company.
An in-person or virtual interview with the Senior Director of Cloud Operations and Security, the Vice President, Architecture to explore the fit between your skills, experience, and role.
An in-person technical interview with senior members of the cross functional team. You will be given a problem or assignment and asked to build a solution. You will be able to discuss your approach and choices.
A virtual interview with the CEO and COO. You will be able to share your insights and have time to ask questions about the company and the opportunity.

Our culture, our team

We’re a scaling company, expanding rapidly across the country. We are incredibly passionate about our ability to make a difference in the lives of Canadians through our technology and we firmly believe that we can do our best work with realistic deadlines and transparent communication about where we are and what’s next for us as an organization. We understand the time it takes to revolutionize a paper-based industry and develop and release high-quality resilient, compliant, and responsive technology that is easy to use so we ensure that pace is factored into our projects and deliverables across the organization.

Our focus is your growth and professional satisfaction, resulting in clear opportunities to help us scale and be better through your ideas, and the chance to be part of projects, and try new things. We are dedicated to our team, and we strongly believe that family comes first. To that end, we strive to find opportunities to support balance in the workplace and between work and home. As part of this, we have flexible hours, regular opportunities for social get-togethers, and meeting-free Friday afternoons.

Everyone here is deeply committed to what we can do - and the potential we have to do more. As a result, we provide an opportunity for Cognisant Causes, our name for passion projects in healthcare where no funding is available and a little technical expertise and time is needed to make a big difference. It’s a way to give back and to add further meaning to what you do here.

A note on values

We value ethical behaviour above all else. We care about each other and we respect each other as professionals and people. We treat our clients with respect and keep our word, even if it hurts. We own our mistakes. We strive for honesty and integrity every day in every situation. We look for people who share these values.

We are transforming patient care across the country and we’ve only just begun. Join us

We are always on the lookout for ethically driven, intelligent, and compassionate professionals who want to be part of an energetic culture and company, people who are interested in contributing their talents in a challenging, interdisciplinary environment. If you feel you meet 70% of the qualifications we are looking for and are determined to make a difference, we encourage you to apply. We promise to consider your application fully.

Express your interest here, explore what we do here, or follow us on LinkedIn to stay connected.

We strive to build a diverse team and encourage applications from traditionally underrepresented groups. If we can make this easier through accommodation in the recruitment process, please let us know.

#LI-Hybrid
#LI-DNI

Apply for this position

Required*

First Name*

Last Name*

Email Address*

Phone*

Address

Resume*

We've received your resume. Click here to update it.

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Help us maintain an inclusive culture.

We want anyone, anywhere to have the same chance and opportunity to build a life they love and that they are proud of. We are proactive in creating a belonging environment that anyone can be a part of. Thoughtful, data-driven decision-making is core to this success. We ask these questions to strengthen our practices by using data to identify and mitigate unconscious bias in our hiring process.

If you choose to answer them, the responses are ONLY used in aggregate to help us identify areas for improvement in our processes. Your responses, or your choice to prefer not to say, will not be associated with your application and will not in any way be used in the hiring decision. For one, that’s illegal, and we’re really not into breaking the law. Keep being awesome, and thank you for considering work at OceanMD.

1) Indigenous peoples: Based on the definition below, are you an Indigenous person?

"Indigenous peoples" means First Nations, Inuit or Métis peoples of Canada.*

2) Persons with disabilities: Based on the definition below, are you a person with a disability?

"Persons with disabilities" are individuals who have a long-term or recurring physical, mental, sensory, psychiatric, or learning impairment, and who consider themselves to be disadvantaged in employment by reason of that impairment, or believe that an employer or potential employer is likely to consider them to be disadvantaged in employment by reason of that impairment. This includes persons whose functional limitations owing to their impairment have been accommodated in their current job or workplace.*

3) Members of visible minorities: Based on the definition below, are you a member of a visible minority?

"Members of visible minorities" are persons, other than Indigenous peoples, who are non-Caucasian in race or non-white in colour, regardless of birthplace.*

4) To which gender do you most identify?*

5) What are your salary expectations?*

6) Are you legally eligible to work in Canada on an ongoing basis?*

7) Preferred Name

8) Are you comfortable with the hybrid work arrangement, which requires three days per week in the Toronto office?*

9) How many years of Infrastructure and automation experience do you have? Please list tools you have used.*

10) How comfortable are you with Linux System Administration? Please explain.*

Human Check*

Submit Application