Epic Principal DevSecOps Engineer
QUEST DIAGNOSTICS INC, Secaucus, NJ, United States
Job Description
This position is hybrid and will require 3 days on site at one of the following Quest sites: Secaucus, NJ or Schaumburg, IL.
Benefits Information
We are proud to offer best-in-class benefits and programs to support employees and their families in living healthy, happy lives. Our pay and benefit plans have been designed to promote employee health in all respects physical, financial, and developmental. Depending on whether it is a part-time or full-time position, some of the benefits offered may include:
Day 1 Medical, supplemental health, dental & vision for FT employees who work 30+ hours
Best-in-class well-being programs
Annual, no-cost health assessment program
Blueprint for Wellness
healthyMINDS mental health program
Vacation and Health/Flex Time
6 Holidays plus 1 MyDay off
FinFit financial coaching and services
401(k) pre-tax and/or Roth IRA with company match up to 5% after 12 months of service
Employee stock purchase plan
Life and disability insurance, plus buy-up option
Flexible Spending Accounts Annual incentive plans
Matching gifts program
Education assistance through MyQuest for Education Career advancement opportunities and so much more!
We are seeking an Azure Principal DevSecOps Engineering lead with extensive experience in leading large-scale cloud transformations for mission‑critical Tier 1 business applications. This is a high‑impact technical leadership role requiring one to bridge the gap between complex infrastructure architecture and modern DevOps automation. You will be responsible for the resilience, security, and scalability of our entire Azure ecosystem, ensuring zero‑downtime deployments for high‑traffic global services.
Responsibilities
Lead the design and deployment of high‑availability, fault‑tolerant Tier 1 applications, ensuring 99.99% uptime through multi‑region strategies.
Act as the Subject Matter Expert (SME) for core Azure services, including Compute, VNet peering, ExpressRoute, Storage Accounts, and advanced Azure Load Balancer/Application Gateway configurations.
Design and oversee complex migrations and management of Azure SQL Managed Instances and PaaS DBs along with Azure Site Recovery (ASR) and Enterprise Azure Backups.
Implement a 'Zero Trust' framework. Take full ownership of Azure Firewall (Premium), WAF, Identity Management (Entra ID), and automated compliance monitoring.
Standardize enterprise‑wide Infrastructure as Code (IaC) using Terraform (Advanced modules/Sentinel) and Ansible for configuration management at scale.
Architect and govern the enterprise GitHub Actions strategy, focusing on security 'shifting left,' automated testing integration, and blue‑green/canary deployment patterns.
Qualifications
Required Work Experience:
10+ years of experience in infrastructure engineering with a mastery of the Azure ecosystem.
Expert‑level proficiency in Terraform and Ansible to manage immutable infrastructure.
Extensive experience building complex, multi‑stage CI/CD workflows in GitHub Actions.
Deep expertise in Hub‑and‑Spoke topology, Azure Private Link, and advanced firewall rule management.
Experience with Azure Policy, Blueprints, and Cost Management (FinOps).
Proven track record of managing large scale Azure environments
Education:
Required: Bachelor’s degree in any professional area
Preferred: Master’s degree in computer science or MBA/MTech
Preferred Certifications :
Microsoft Certified: Azure Solutions Architect Expert (AZ‑305)
Microsoft Certified: Azure DevOps Engineer Expert (AZ‑400)
Microsoft Certified: Azure Security Engineer Associate (AZ‑500)
Preferred Qualification:
Experience with Health Care industry is a plus
Knowledge:
Platform Engineering, Design and Architecture
Skills:
Azure Infrastructure & Architecture Expertise, Automation & Infrastructure as Code (IaC), CI/CD Orchestration, Security & Governance (DevSecOps), Leadership & Strategic Vision
Equal Opportunity Employer
Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets or any other legally protected status.
#J-18808-Ljbffr
This position is hybrid and will require 3 days on site at one of the following Quest sites: Secaucus, NJ or Schaumburg, IL.
Benefits Information
We are proud to offer best-in-class benefits and programs to support employees and their families in living healthy, happy lives. Our pay and benefit plans have been designed to promote employee health in all respects physical, financial, and developmental. Depending on whether it is a part-time or full-time position, some of the benefits offered may include:
Day 1 Medical, supplemental health, dental & vision for FT employees who work 30+ hours
Best-in-class well-being programs
Annual, no-cost health assessment program
Blueprint for Wellness
healthyMINDS mental health program
Vacation and Health/Flex Time
6 Holidays plus 1 MyDay off
FinFit financial coaching and services
401(k) pre-tax and/or Roth IRA with company match up to 5% after 12 months of service
Employee stock purchase plan
Life and disability insurance, plus buy-up option
Flexible Spending Accounts Annual incentive plans
Matching gifts program
Education assistance through MyQuest for Education Career advancement opportunities and so much more!
We are seeking an Azure Principal DevSecOps Engineering lead with extensive experience in leading large-scale cloud transformations for mission‑critical Tier 1 business applications. This is a high‑impact technical leadership role requiring one to bridge the gap between complex infrastructure architecture and modern DevOps automation. You will be responsible for the resilience, security, and scalability of our entire Azure ecosystem, ensuring zero‑downtime deployments for high‑traffic global services.
Responsibilities
Lead the design and deployment of high‑availability, fault‑tolerant Tier 1 applications, ensuring 99.99% uptime through multi‑region strategies.
Act as the Subject Matter Expert (SME) for core Azure services, including Compute, VNet peering, ExpressRoute, Storage Accounts, and advanced Azure Load Balancer/Application Gateway configurations.
Design and oversee complex migrations and management of Azure SQL Managed Instances and PaaS DBs along with Azure Site Recovery (ASR) and Enterprise Azure Backups.
Implement a 'Zero Trust' framework. Take full ownership of Azure Firewall (Premium), WAF, Identity Management (Entra ID), and automated compliance monitoring.
Standardize enterprise‑wide Infrastructure as Code (IaC) using Terraform (Advanced modules/Sentinel) and Ansible for configuration management at scale.
Architect and govern the enterprise GitHub Actions strategy, focusing on security 'shifting left,' automated testing integration, and blue‑green/canary deployment patterns.
Qualifications
Required Work Experience:
10+ years of experience in infrastructure engineering with a mastery of the Azure ecosystem.
Expert‑level proficiency in Terraform and Ansible to manage immutable infrastructure.
Extensive experience building complex, multi‑stage CI/CD workflows in GitHub Actions.
Deep expertise in Hub‑and‑Spoke topology, Azure Private Link, and advanced firewall rule management.
Experience with Azure Policy, Blueprints, and Cost Management (FinOps).
Proven track record of managing large scale Azure environments
Education:
Required: Bachelor’s degree in any professional area
Preferred: Master’s degree in computer science or MBA/MTech
Preferred Certifications :
Microsoft Certified: Azure Solutions Architect Expert (AZ‑305)
Microsoft Certified: Azure DevOps Engineer Expert (AZ‑400)
Microsoft Certified: Azure Security Engineer Associate (AZ‑500)
Preferred Qualification:
Experience with Health Care industry is a plus
Knowledge:
Platform Engineering, Design and Architecture
Skills:
Azure Infrastructure & Architecture Expertise, Automation & Infrastructure as Code (IaC), CI/CD Orchestration, Security & Governance (DevSecOps), Leadership & Strategic Vision
Equal Opportunity Employer
Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets or any other legally protected status.
#J-18808-Ljbffr