We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time. Position Summary The Senior DevSecOps Engineer will operate as a senior technical advisor responsible for advancing security, operational excellence, and engineering efficiency across the SDLC. This role leads high‑impact initiatives, drives adoption of secure-by-design practices, and delivers data‑driven insights that influence technology and business decision‑making. The ideal candidate brings a strong understanding of what it takes to build, secure, and operate reliable systems at scale. Key Responsibilities: - Lead the design, execution, and delivery of security, analytics, and operational engineering initiatives. - Act as a technical subject matter expert, partnering across engineering, product, and cybersecurity teams to address complex challenges and embed best practices. - Provide clear, actionable insights and strategic communication to influence stakeholders across all organizational levels. - Develop, automate, and optimize processes, dashboards, and tooling to enhance security, efficiency, and system reliability. - Champion secure SDLC practices and contribute to incident response, vulnerability remediation, risk reduction, and overall security posture improvement. - Mentor and coach team members, promoting knowledge sharing, technical development, and cross-functional alignment. - Drive organizational security awareness and help foster a culture of continuous improvement. - Promote accountability and delivery excellence within Kanban-based team workflows. Required Qualifications - 5+ years of experience in technology operations, strategy, and/or engineering within a Product, Cybersecurity, or Development context - 3+ years of direct experience with the SDLC including but not limited to SAST, DAST, MAST, Scanning, Automation, Containers, etc. - 3+ years of experience with data-driven, analytical, and communication skills, including executive reporting and strategic storytelling. Preferred Qualifications - Experience working in multi-cloud, containerized, and hybrid/legacy environments. - Familiarity with industry security frameworks, compliance standards, and data warehouse technologies. - Strong competency in building dashboards and converting analytical outputs into actionable business insights across one or more BI platforms. - Demonstrated ability to collect, analyze, and present metrics to senior leadership through clear, data-driven storytelling. - Experience supporting and optimizing workflows within a Kanban-based engineering team. - Hands-on CI/CD engineering experience using GitHub Actions. - Strong data analytics capabilities, with the ability to identify trends, derive insights, and support strategic decision-making. Education - Bachelor’s degree or equivalent experience (High School Diploma and 4 years relevant experience) Anticipated Weekly Hours 40 Time Type Full time Pay Range The typical pay range for this role is: $83,430.00 - $222,480.00 This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong. Great benefits for great people We take pride in our comprehensive and competitive mix of pay and benefits – investing in the physical, emotional and financial wellness of our colleagues and their families to help them be the healthiest they can be. In addition to our competitive wages, our great benefits include: - Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan. - No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching. - Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility. For more information, visit https://jobs.cvshealth.com/us/en/benefits We anticipate the application window for this opening will close on: 03/25/2026 Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.

• Grow & coach a high-performing team – hire, mentor, and develop engineers so they deliver their best work and advance in their careers. • Drive outcomes, not just output – partner with Product to clarify goals, measure success, and unblock your team so they ship meaningful value to customers. • Own sustainable delivery – keep projects on track through proactive planning and clear communication, so shipping happens smoothly—without heroic last-minute sprints. • Shape how the team works – gather feedback, refine processes, and champion modern engineering practices that raise the technical bar.

• Design and strengthen security in multi-account AWS environments, focusing on identity (IAM), networking (VPC, Security Groups) and data protection (KMS, Secrets Manager). • Implement automated security controls in CI/CD pipelines (CodePipeline, GitHub Actions, Terraform). • Configure and maintain AWS native security services: GuardDuty, Security Hub, CloudTrail, Config, Inspector, Macie, WAF, and Shield. • Establish continuous monitoring with CloudWatch, SIEM, and proactive alerts for anomalies or incidents. • Conduct internal pentesting, threat modeling, and security validation on APIs, serverless functions, and critical components. • Lead the detection and incident response (IR) strategy, including playbooks, drills, and basic forensics. • Ensure compliance with fintech regulatory frameworks (ISO 27001, SOC 2, GDPR, PCI DSS). • Collaborate with Platform, Data, and Core teams to ensure a 'secure by default' architecture.

• Deliver priority roadmap features across frontend and backend systems • Develop and maintain applications using Node.js, React, and TypeScript • Support and enhance NHS and third-party integrations • Contribute to scalable, reusable platform architecture • Maintain and optimise cloud infrastructure (AWS preferred) • Build, maintain, and improve CI/CD pipelines and release processes • Improve monitoring, logging, and system observability • Strengthen deployment reliability and platform stability • Implement and support security improvements and secure coding practices • Ensure alignment with compliance standards (e.g., GDPR, ISO27001) • Improve engineering quality and release discipline by: Reducing defect leakage, Strengthening testing practices and • Supporting test-first / automated testing approaches • Collaborate with Product and stakeholders to translate complex requirements into pragmatic technical solutions • Work across multiple concurrent workstreams and manage priorities effectively