Senior Cloud Security Engineer
Greater Boston Area
Apply if you are…
- Excited about Cyber Security and have expert knowledge of cybersecurity concepts, risk management, and threat modeling.
- Energized about working in a Start-up Organization building a cloud-native security program.
- Desire to work with a talented team that is motivated to move the needle on some of the most pressing challenges in healthcare.
- Experienced with security frameworks on cloud platforms (AWS, GCP, Azure), and protecting data in a variety of ways including anti-virus, firewalling, intrusion detection, and advanced analytics.
You should expect to….
- Build, monitor and proactively manage the security of our AWS environment.
- Evaluate, architect, implement, and support security-focused tools and services.
- Independently design, develop, deploy and maintain security management technologies in all phases of an agile service development and deployment life cycle.
- Designs, integrates, and tests a suite of tools for security management of multi-tenant private and public cloud application services.
- Recommends configuration changes to improve the performance, usability, and value of cyber analysis tools.
- Develop prototype resource definitions in AWS and Azure using infrastructure as code processes and tools.
- Advise and consult with service teams on risk assessment, threat modeling, and vulnerability remediation.
- Integrate knowledge of Cloud Security fundamentals, including cryptography and the shared responsibility model into our services.
- Leverage your strong teamwork and collaboration skills as you and your teammates engage with other engineering and operations teams spanning the entire technology stack – endpoints, networks, databases, and applications – to engineer and deploy cutting-edge defensive solutions to modern threats.
- Evangelize security within Amazon and be an advocate for customer trust.
- Evaluate and continuously improve controls and processes to increase security, eliminate vulnerabilities, improve system performance, reduce waste and lower cost.
- Train other team members on cybersecurity concepts and lead periodic IT security controls testing such as network penetration tests, phishing simulations, social engineering simulations, and use the test results to suggest enhancements and remediations to business processes, employee training etc
- Stay abreast of security threats and security technologies
Terrific if you have…
- BS in computer science, networking, information systems, computer engineering, or 6+ years’ equivalent experience
- 2-4 years’ experience (preferred) with security management of cloud-based services (SaaS) in a fast-paced Agile environment, preferably in AWS
- 5-8 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, networking, systems administration
- Experience with AWS Security & Encryption components such IAM Policy, Cloud HSM, KMS, AWS Organizations, CloudTrail, SSO, GuardDuty, etc.)
- Engineers that are AWS-certified Solutions Architects (Associate level), or Security Specialists will receive maximum consideration
- Experience architecting, deploying and managing a suite of security management tools, including tools for: WAF, SIEM, log management, DDOS protection, Pen-testing, vulnerability management, static/dynamic code analysis, and anti-malware
- Hands-on experience with security management of virtual machines, containers, and applications
- Strong knowledge of public key cryptography, web services SSO strategies, CVSS scoring
- Demonstrated knowledge of, and curiosity about emerging cyber trends, tools, and threats
- Demonstrated sense of ownership, urgency, drive, and delivery based on prior experience
- Familiarity with one or more major information security control or auditing frameworks (such as (SOC2, HITRUST, or NIST)
Read Full Job Description