CloudSecOps Security Engineer III (US)

As a CloudSecOps Security Engineer III, you will be responsible for the security of the Clinisys SaaS cloud environments. You will research new technologies and influence the security roadmap with the aim of hardening Clinisys environment including Azure, AWS, and data centers.

Essential Functions:

• Conduct regular security assessments, risk assessments, and vulnerability assessments to identify and mitigate risks and vulnerabilities in the Clinisys SaaS environment.

• Assess system security posture and identify risks

• Review vulnerability and compliance scans, and prioritize security risks for remediation

• Manage security projects remediating risks and implementing security systems

• Design, implement, and continuously improve continuous monitoring, vulnerability monitoring, auditing, as well as development of system standards, policies, and procedures for the Clinisys SaaS environment

• Revise, Develop, and Implement information security policies and procedures in accordance with ISO, CIS, NIST, HIPAA, GDPR, NHS Policy, IRAP, etc.

• Collaborate with other departments to ensure security is ingrained and conduct security trainings to raise awareness

• Stay informed of the latest developments in cloud security.

• Ensure compliance with legal, regulatory, and contractual security requirements.

• Lead emergency response efforts in the Clinisys SaaS environment. Contain risk, analyze root cause, implement changes based on lessons learned.

• Assist with security questionnaires and security customer calls

• Provides subject matter expertise and support for security software, including operational aspects of the software.

• Provides subject matter expertise during the analysis and documentation of cybersecurity technical requirements, including hardware and software components, with the objective of standardizing security throughout the company’s infrastructure.

• Stay informed about emerging threats and security trends, recommending and implementing new security measures as needed

• All other duties and responsibilities as assigned
  

Required Qualifications:

• Proven experience in the implementation of complex IT projects including deployment and administration

• Strong ability to identify, assess, and prioritize network and system vulnerabilities, coupled with expertise in recommending appropriate mitigation strategies

• Familiarity with penetration testing methodologies and common hacking techniques to better understand and anticipate potential threats

• Proficiency in security architectures and protocols, including authentication and access control technologies, encryption and key management, network traffic analysis, and Web Application Firewalls.

• Experience with incident handling procedures and forensic analysis techniques

• Knowledge of cloud security principles and best practices

• In-depth understanding of security technologies and concepts, including firewalls, proxies, Security Information and Event Management (SIEM) systems, Intrusion Detection and Prevention Systems (IDPS), and endpoint protection solutions

• Familiarity with DevSecOps practices and tools for integrating security into the development lifecycle

• Strong analytical skills with the ability to translate technical findings into actionable recommendations for both technical and non-technical stakeholders

• Ability to influence others on best security practices

• Scripting or programming ability in multiple languages

• Ability to complete projects on time and within budget

• Solid logic and organizational skills

• Analysis and design skills

• Bachelor’s degree in information security, network security, cybersecurity, digital forensics, or other relevant combination of training and education.

• CompTIA Security+ certification

• AWS Certified Security – Speciality Certification, Microsoft Certified Azure Security Engineer, or Microsoft Certified Cybersecurity Architect

• 8 years of experience in security, such as information security officer, security architect, security design and implementation

• 5 years of experience and expert-level knowledge of the Windows and Linux Operating Systems

• 5 years of experience with securing cloud hosting solutions such as AWS, Google Cloud, or Azure.

Preferred Qualifications: (any are a plus)

• Master’s degree in information security, network security, cybersecurity, digital forensics, or other relevant combination of training and education.

• EC-Council Certified Ethical Hacker (C|EH)

• ISC2 Certified Cloud Security Professional (CCSP)

• SC2 Certified Information Security System Professional (CISSP)

Benefits

Our benefits are designed to help you move forward in your career and areas of your life outside of work. From health and wellness benefits, 401 (k) Savings Plan, stock incentive programs, paid time off, parental leave, and tuition assistance, we've covered you with our total rewards package. Your coverage will vary for part-timers as you may be eligible for some of these benefits depending on your circumstances.

The starting pay range for a candidate selected for this position is generally within the $88,000 -  $125,000 annual base salary range. The successful candidate’s actual pay will be based on various factors, such as work location, qualifications, and experience, so the exact starting pay may be above or below this range.

Clinisys Commitment to Equal Opportunity

Clinisys is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

General Guidance:

This job description is meant to provide an accurate depiction of tasks and accountabilities that are most often associated with this role. While we strive to provide an accurate depiction, nothing in this description restricts the company from changing, reassigning, expanding, or reducingthe  scope of accountabilities and is subject to change at any time.