Job ID: 1136
Role Overview: DevSecOps in the Medical Device Industry
DMS Visions INC is looking for a specialized DevSecOps Engineer to join a high-impact project in Milpitas, CA, focused on the medical device sector. In 2026, the intersection of healthcare technology and cybersecurity is under intense regulatory scrutiny. This role requires a professional who understands not only the technical aspects of CI/CD and automation but also the rigorous compliance standards required for medical software and firmware. You will be responsible for designing and implementing a secure development lifecycle that ensures patient safety and data integrity.
Core Responsibilities and Technical Challenges
- Infrastructure as Code (IaC): Design and implement various development, testing, and automation tools. You will build the required infrastructure to support a fast-paced medical device development environment, ensuring that all environments are reproducible and validated.
- Process Definition: Define and set up development, test, release, update, and support processes for DevOps operations. This includes creating a culture of security-first development where vulnerabilities are identified and mitigated early in the lifecycle.
- Validation and Documentation: In the medical device world, documentation is as important as the code itself. You will document and validate build environments for customer products to meet FDA and international regulatory requirements.
- CI/CD Pipeline Optimization: Incorporate industry standards and best practices to continuously improve the CI/CD pipeline. This involves integrating security scanning tools (SAST/DAST) directly into the automated build process.
- SBOM Automation: A critical requirement for 2026 is the automation of Software Bill of Materials (SBOM) generation. You will ensure that every software and firmware build has a transparent and automated inventory of components to manage supply chain risks.
- Troubleshooting and Release Management: Troubleshoot, identify, and fix problems within the DevSecOps domain. You will also perform unit testing on build outputs and prepare them for formal release in a regulated environment.
The Regulatory Landscape of 2026
The medical device industry is currently facing unprecedented challenges regarding cybersecurity. With the rise of connected health and IoT-enabled medical equipment, the DevSecOps Engineer plays a pivotal role in preventing cyber threats that could compromise device functionality. This position requires a deep understanding of Medical Device Regulations (MDR) and the ability to implement technical controls that satisfy auditors while maintaining development velocity. You will work at the heart of digital transformation, bridging the gap between traditional medical engineering and modern cloud-native security practices.
Essential Skills and Qualifications
- 4-6 years of experience in a DevOps or DevSecOps role, preferably within a regulated industry such as Healthcare or Aerospace.
- Strong proficiency in automation tools (Jenkins, GitLab CI, GitHub Actions) and containerization (Docker, Kubernetes).
- Experience with security integration in the pipeline, including vulnerability scanning and compliance monitoring.
- Familiarity with medical device regulations and the specific requirements for software validation (e.g., IEC 62304).
- Expertise in automating SBOM generation and managing open-source license compliance.
- Excellent problem-solving skills and the ability to work in a collaborative, cross-functional team environment in Milpitas, CA.
Special Requirements
Domain restriction: Medical Device & Regulations experience required.
Compensation & Location
Salary: $160,000 – $200,000 per year (Estimated)
Location: Milpitas, CA
Recruiter / Company – Contact Information
Recruiter / Employer: DMS Visions INC
Email: akhilesh@dmsvisions.com
Recruiter Notice:
To remove this job posting, please send an email from
akhilesh@dmsvisions.com with the subject:
DELETE_1136