We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time. Position Summary Who You Are: - A seasoned security leader with the ability to develop and review code when necessary, and with a deep understanding of foundational software‑engineering paradigms—specifically the distinctions and appropriate use cases for objects (runtime instances), classes (architectural blueprints), and functions (discrete units of logic). - Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale. - Strong passion and technical expertise to automate security functions via code, including pipeline and workflow automation. - Strong technical expertise with Application, Cloud, Data, and Network Security best practices. - Strong technical expertise with multi-cloud environments, including container/serverless and other microservice architectures. - Strong technical expertise with older technology stacks, including mainframes and monolithic architectures. - Strong technical expertise with SDLC, CI/CD tools, Deployment Automation, and pipeline orchestration. - Strong technical expertise with operating security for Windows Server and Linux Server systems. - Strong technical expertise with configuration management, version control, and DevOps operational support. - Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies. - Experience with reporting and visualization tools such as Power BI, BigQuery, Tableau, or similar platforms. - Ability to create and deliver executive-level reporting and dashboards for leadership visibility. Role Responsibilities: Development & Enforcement - Develop and enforce engineering security policies and standards. - Develop and enforce data security policies and standards. - Drive security awareness across the organization. Collaboration & Expertise - Collaborate with Engineering and Business teams to develop secure engineering practices. - Serve as the Subject Matter Expert for Application Security. - Work with cross-functional teams to ensure security is considered throughout the software development lifecycle. Automation & Optimization - Design and implement automated workflows for security processes across CI/CD pipelines, reducing manual intervention and improving consistency. - Automate manual reporting tasks by building scripts, dashboards, and integrations that provide real-time visibility into security posture, vulnerability status, and compliance metrics. - Integrate security controls into CI/CD pipelines (e.g., automated scanning, policy enforcement, and remediation workflows) to ensure security gates are embedded in the development lifecycle. - Develop orchestration strategies for pipeline automation using tools like GitHub Actions, Jenkins, or Azure DevOps, ensuring security checks are triggered automatically during build and deployment phases. - Develop and maintain executive-level reporting dashboards using tools like Power BI, Tableau, or BigQuery to provide actionable insights to leadership. Analysis & Configuration - Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. - Lead security testing, vulnerability analysis, and documentation. Operational Support - Participate in operational on-call duties to support infrastructure across multiple regions and environments (cloud, on-premises, colocation). - Develop incident response and recovery strategies. Required Qualifications: - 5+ years of experience in developing and deploying security technologies. - 5+ years with modern SDLC and CI/CD practices, emphasizing pipeline automation and security integration. - 3+ years remediating vulnerabilities from Static Analysis, Open-Source Scanning, Mobile Scanning (DataTheorem or similar platform), and API Scanning (Apiiro, Koi Security). - 3+ years of experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. - 3+ years of experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. - 1+ year of experience building reports and dashboards using visualization tools (Power BI, Tableau, BigQuery, or similar). Preferred Qualifications: - Proficiency in Public Cloud (AWS/Azure/GCP) & Network Security. - Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). - Strong technical expertise with Architecting Public Cloud solutions and processes. - Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. - Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. - Familiarity with OWASP Application Security Verification Standard. - Experience with direct, remote, and virtual teams. - Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). - Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like Snyk, Apiiro, Koi Security, jFrog Curation. - Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. - Experience creating executive-level reporting and presenting security metrics to leadership. - Experience building automated reporting solutions using APIs, scripting, and visualization tools (e.g., Power BI, Grafana, or custom dashboards). - Experience with pipeline orchestration tools and CI/CD automation frameworks to embed security gates and compliance checks. Education - A Bachelor’s degree or equivalent experience (High School Diploma and 4 years relevant experience) Anticipated Weekly Hours 40 Time Type Full time Pay Range The typical pay range for this role is: $83,430.00 - $222,480.00 This pay range represents the base hourly rate or base annual full-time salary for all positions in the job grade within which this position falls. The actual base salary offer will depend on a variety of factors including experience, education, geography and other relevant factors. This position is eligible for a CVS Health bonus, commission or short-term incentive program in addition to the base pay range listed above. Our people fuel our future. Our teams reflect the customers, patients, members and communities we serve and we are committed to fostering a workplace where every colleague feels valued and that they belong. Great benefits for great people We take pride in offering a comprehensive and competitive mix of pay and benefits that reflects our commitment to our colleagues and their families. This full‑time position is eligible for a comprehensive benefits package designed to support the physical, emotional, and financial well‑being of colleagues and their families. The benefits for this position include medical, dental, and vision coverage, paid time off, retirement savings options, wellness programs, and other resources, based on eligibility. Additional details about available benefits are provided during the application process and on Benefits Moments. We anticipate the application window for this opening will close on: 04/28/2026 Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state and local laws.

• Design and enforce security best practices across infrastructure, cloud environments, and CI/CD pipelines. • Implement and manage vulnerability management, patching, access controls, and threat monitoring. • Lead security incident response and post-incident reviews. • Establish reporting and metrics that provide visibility into security posture and risk management. • Oversee cloud and network infrastructure to ensure secure, resilient, and scalable operations. • Manage networking components including routing, connectivity, firewalls, and load balancing. • Support engineering teams with reliable platform services and deployment infrastructure. • Establish comprehensive monitoring, logging, and alerting across infrastructure and services. • Build operational dashboards and reporting that provide visibility into system health, performance, and availability. • Develop metrics and reporting for leadership related to incidents, uptime, operational performance, and security risks. • Act as a technology advocate, independently seeking opportunities where technology can be utilized to improve the business. • Provide technical guidance and mentorship while fostering a team environment. • Apply knowledge of current industry trends and techniques to formulate solutions within the context of assigned efforts. • Seek opportunities to expand technical knowledge and capabilities. • Perform other responsibilities as assigned.

• Work hands-on with the infrastructure that supports our distributed & highly scalable services in both SaaS and on-prem offerings • Gather requirements from customers and adapt manifests and software to support new environments • Use and augment monitoring tools to observe platform health, ensure performance and reliability • Interact with the product team to test new features and package new on-prem releases • Automate and optimize the release pipeline to make it as frictionless as possible • Exhibit continuous curiosity for emerging technology that could solve our challenges

Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins. Why join Coupa? 🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend. 🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence. 🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other. Learn more on Life at Coupa blog and hear from our employees about their experiences working at Coupa. The Impact of a Sr. Devops Engineer at Coupa: As a Sr. Devops Engineer Platform, you will play a crucial role in the development of solutions for our Enterprise platform. You will be developing applications that provide self-service and increased efficiency to a diverse group of internal customers across Cloud Operations, Engineering, Customer Success & Support, and Customer Value Management. When you are successful you will significantly accelerate the ability of our teams to better serve our customers. What You'll Do: - Own, build, and operate modern cloud platforms delivering APIs, integrations, security, messaging, streaming, identity, reliability, and container services - Design and run a secure, scalable, multi-region and multi-cloud platform across AWS and Azure in a regulated environment supporting hundreds of services - Act as a technical lead and partner, providing guidance and direction to multiple platform engineering teams - Drive containerization efforts to improve efficiency, scalability, reliability, and cost optimization - Define and execute long-term platform strategies and roadmaps aligned with business priorities in collaboration with engineering and product teams - Take full ownership of platform reliability and scalability, using data-driven insights to deliver high-quality features while managing technical debt effectively What You Will Bring to Coupa: - 4+ years of hands-on platform/system engineering experience using Go, Python, Java, Ruby, or equivalent languages - 2+ years in a lead engineering role, collaborating with diverse, globally distributed teams - Strong experience with containerization and CI/CD technologies, including Docker, Kubernetes, GitHub Actions, ArgoCD, and cloud container services (EKS, AKS, ECS) - Experience with Infrastructure as Code and multi-cloud deployments across AWS, Azure, and GCP - Proven ability to build, run, and scale modern full-stack cloud applications reliably in public cloud environments - Excellent communication skills and technical leadership, with the ability to own roadmaps, align with business priorities, and solve complex problems; supported by a degree in Computer Science, Computer Engineering, or equivalent #LI-Hybrid #LI-TC1 Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees. Please be advised that inquiries or resumes from recruiters will not be accepted. By submitting your application, you acknowledge that you have read Coupa’s Privacy Policy and understand that Coupa receives/collects your application, including your personal data, for the purposes of managing Coupa's ongoing recruitment and placement activities, including for employment purposes in the event of a successful application and for notification of future job opportunities if you did not succeed the first time. You will find more details about how your application is processed, the purposes of processing, and how long we retain your application in our Privacy Policy.