Role Description We are seeking a Chief DevSecOps Engineer to be responsible for leading the design, development, and implementation of secure software solutions across the VA enterprise cloud environment. This expert-level role requires in-depth technical expertise in software development, algorithm engineering, and database architecture. You will oversee a team of developers, ensuring quality control and compliance with security protocols throughout the software development lifecycle (SDLC). You will play a key role in integrating security practices into every phase of development while proactively identifying and mitigating risks. As the ideal candidate, you will thrive in a collaborative environment and be skilled in synthesizing complex system components into scalable and secure software applications. Responsibilities - Lead large-scale, secure software development initiatives - Enforce expertise in DevSecOps principles and implementation - Develop and apply complex algorithms - Demonstrate experience in database design and optimization - Lead a team and collaboration across cross-functional teams - Identify risks and implement mitigation strategies - Troubleshoot, analyze, and resolve development issues quickly and efficiently - Document and present technical solutions effectively - Integrate automated testing, continuous integration (CI), and continuous deployment (CD) tools Qualifications - Master’s Degree in Engineering, Computer Science, or related scientific/technical discipline with additional 10 years of relevant experience may be substituted for the required education - Minimum of 15 years of hands-on experience in software development, DevSecOps practices, algorithm design, and database architecture - Tech Stack required for this position: - Java, Spring Boot, .NET Core, Node.js, React - Oracle, SQL, PostgreSQL, Redis - Kubernetes, Docker, Jenkins, Gitlab CI/CD, Terraform - Kafka, MuleSoft and IBM MQ - VA Enterprise Cloud (AWS GovCloud + Azure Gov) - Preferred: - Knowledge of Splunk, ServiceNow - Knowledge of Okta, Ping Identity, VA IAM services, FedRAMP compliance requirements - Certified DevSecOps Professional (CDP) - AWS Certified DevOps Engineer – Professional - Certified Secure Software Lifecycle Professional (CSSLP) - Microsoft Certified: DevOps Engineer Expert Working Conditions Standard Business hours are Monday through Friday. Occasional extended or weekend hours may be required based on operational needs. Must have reliable internet service that allows for effective telecommuting. Benefits - Medical, Dental, and Vision - Health Saving Account (when enrolled ineligible plan) with Company contribution - Company paid Life, Accidental Death, Short-term & Long-term Disability - Voluntary Accident, Hospital Indemnity, & Critical Care Insurance - Voluntary Medical & Dependent Care Flexible Spending Accounts - Accrued Paid Time Off & Company Paid Holidays - 401(k) Retirement Plan with Company match Work Authorization Sprezzatura participates in E-Verify and will provide the federal government with your I-9 information to confirm that you are authorized to work in the U.S.

• The Head of Security and Compliance will be responsible for building and leading Eight Sleep’s security strategy across physical, digital, and operational domains. • Oversight and implementation, operation and monitoring of information security tools and processes in customer production environments. • Conducting IT risk assessments, documenting identified threats and maintaining risk register. • Define and own Eight Sleep’s end-to-end security strategy across cloud, product, corporate, and customer environments. • Build and scale Eight Sleep’s security program, including roadmap, processes, metrics, and future team structure.

• Develop enterprise cybersecurity roadmap • Align security strategy with business objectives • Lead cyber risk assessments • Provide board-level cybersecurity reporting • Coordinate enterprise security initiatives

• Define enterprise security architecture strategy • Implement zero trust frameworks • Lead secure cloud architecture design • Conduct architecture security reviews • Partner with engineering teams on secure infrastructure