Search
Header navigation
Director of DevSecOps (Remote)

Director of DevSecOps (Remote)

tango
locationPhoenix, AZ 85016, USA
PublishedPublished: 5/1/2026
Leadership / Executive Board
Full Time

Job Overview

tango is seeking a Director of DevOps & Security (DevSecOps) to own and lead both the DevOps and Security functions across the organization. This role is accountable for building a secure, scalable, and compliant software delivery platform that supports Tango’s healthcare mission and EDI-driven solutions.

This leader will be responsible for cloud infrastructure, CI/CD, operational reliability, and enterprise security, ensuring that HIPAA, SOC 2, and HITRUST best practices are embedded directly into how software is built, deployed, and operated. The ideal candidate combines deep technical expertise in the Microsoft ecosystem (Azure, GitHub, Azure DevOps) with strong security governance experience in regulated healthcare environments.

This is a hands-on leadership role that blends platform engineering, security strategy, compliance enablement, and people leadership.

Key Responsibilities

DevOps & Platform Engineering Ownership

  • Own and lead Tango’s DevOps and platform engineering strategy, enabling secure, self-service infrastructure and delivery pipelines.
  • Design and maintain paved-road platforms that balance standardization, flexibility, and developer productivity.
  • Establish enterprise standards for CI/CD, infrastructure, configuration management, and environment provisioning.

Security Leadership & Governance (Primary Accountability)

  • Own the Security function, including application security, cloud security, and DevSecOps practices.
  • Embed HIPAA, SOC 2, and HITRUST CSF controls directly into engineering workflows and infrastructure.
  • Define and enforce security policies, standards, and guardrails across cloud and application platforms.
  • Partner with Legal, Compliance, and Risk teams to support audits, assessments, and continuous compliance.
  • Drive security-by-design and shift-left security practices across all engineering teams.

Secure Software Development Lifecycle (SSDLC)

  • Implement and operationalize security controls throughout the SDLC, including:
    • SAST, DAST, SCA, and container image scanning
    • Infrastructure-as-Code (IaC) security scanning
    • Secrets management, encryption, and key rotation
  • Ensure secure identity and access management using Azure AD / Entra ID and least-privilege principles.
  • Establish secure patterns for handling PHI and sensitive healthcare data.

Cloud Infrastructure & Microsoft Stack Leadership

  • Lead all DevOps and security practices across Microsoft Azure environments (IaaS, PaaS, and hybrid).
  • Own infrastructure-as-code standards using Bicep, Terraform, or ARM templates.
  • Ensure cloud environments meet healthcare compliance, resiliency, and availability requirements.
  • Defining standards for network security, segmentation, and zero-trust architecture.

CI/CD, Automation & Compliance Enablement

  • Own CI/CD platforms using GitHub Actions and/or Azure DevOps.
  • Drive automation of:
    • Build, test, and deployment workflows
    • Security scanning and policy enforcement
    • Compliance evidence collection and audit readiness
  • Reduce operational risk and manual processes through automation-first design.

Observability, Reliability & Incident Management

  • Establish enterprise observability standards for monitoring, logging, alerting, and auditing.
  • Own operational readiness, incident response, and post-incident reviews.
  • Align DevOps practices with SRE principles, including error budgets and reliability metrics.
  • Track and report key performance indicators such as deployment frequency, MTTR, and change failure rate.

Infrastructure Support, SLAs & Production Operations

  • Own internal-facing operational support for Tango’s applications and services.
  • Be accountable for support SLAs, including response time, resolution time, and customer satisfaction metrics for infrastructure services (network, desktop, VDI, telephony, contact center, FTP, etc.).
  • Ensure timely triage, escalation, and resolution of internal and client-reported infrastructure issues.
  • Establish clear incident severity definitions, escalation paths, and on-call rotations for desktop support and services.
  • Lead post-incident reviews and ensure corrective and preventive actions are implemented.

Support Tooling & Service Management

  • Own and govern ITSM processes using Freshservice and Freshdesk.
  • Ensure all clients support tickets, incidents, and requests are properly triaged, tracked, categorized, and reported.
  • Use support data to drive continuous improvement to create best-in-class infrastructure services for internal and customers.

Leadership, Culture & Enablement

  • Build, lead, and mentor DevOps and Security teams.
  • Foster a culture where security is an enabler, not a blocker.
  • Serve as a trusted advisor to engineering leadership and executive stakeholders.
  • Lead cross-functional initiatives that improve platform maturity, compliance posture, and developer experience.

Required Qualifications

  • 8+ years of experience in DevOps, DevSecOps, Security Engineering, or Platform Engineering and client support.
  • 5+ years in a technical leadership role owning client support, delivery and security responsibilities.
  • Deep hands-on experience with:
    • Microsoft Azure (compute, networking, storage, identity, security)
    • CI/CD platforms (GitHub Actions, Azure DevOps)
    • Infrastructure as Code and automation frameworks
    • Managing client success metrics
  • Strong working knowledge of:
    • HIPAA security and privacy requirements
    • SOC 2 (Type I & II) controls
    • HITRUST CSF frameworks and assessments
    • Client Support tools
  • Proven experience operating in regulated healthcare environments.
  • Ability to balance client support, compliance, and security.

Preferred Skills

  • Familiarity with healthcare interoperability and data protection patterns.
  • Experience in preparing for and supporting third-party audits and risk assessments.
  • Strong executive communication and organizational skills.
  • Experience with Freshservice and Freshdesk

What Success Looks Like

  • DevOps and Security operate as a single, aligned function.
  • HIPAA, SOC 2, and HITRUST controls are automated, auditable, and embedded into daily engineering work.
  • Developers ship secure, compliant software with minimal friction.
  • Tango’s platform scales confidently to support growth in healthcare and EDI services.
  • Security posture improves continuously without slowing delivery.
  • Successful client support process and KPI management.

tango provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. tango will make reasonable accommodations for qualified individuals with known disabilities unless doing so would result in an undue hardship.