Senior Cloud Security Engineer

Most job postings are the same (and can be pretty boring, right?!). That's why we want to start out by telling you what's in it for you:

• We have an amazing platform that maximizes revenue for thousands of healthcare organizations across the country!
• We embrace diversity in a serious way! We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
• We celebrate and promote career growth and advancement.
• We have an awesome on-demand learning program.
• We do fun stuff like remote Cooking Classes, Yoga Sessions & Mixology Classes because we like to have fun!
• We have an awesome benefits package with Medical, Dental & Vision Coverage & 401K (with company match).
• We have an unlimited vacation policy - that's right, take vacation when you want and come back to work refreshed!
• We have cool Peer Nominated Awards & Recognition because we like to celebrate our employees!

We're hiring for a Senior Cloud Security Engineer! The Senior Cloud Security Engineer’s primary responsibility is to help design, create, and implement systems to solve complex business problems regarding Cloud Security around our SaaS platform. This role is responsible for monitoring, analyzing, and responding to security threats, as well as helping to shape and enforce security policies, standards, and best practices. 

This individual works both independently as an engineer to define strategies and solutions that align with security, leverage common solutions and services to mitigate security risks, and meet financial and strategic objectives. They will also provide technical and security engineering support during pre-sales and post-sales phases. The Senior Cloud Security Engineer will be the technical liaison for customers for security-related topics and be knowledgeable with cloud systems, namely AWS.

ESSENTIAL DUTIES AND RESPONSIBILITIES: 

AWS Cloud Security

• Serve as a SME in MDaudit's infrastructure and ecosystem.
• Be a continuous learner of the MDaudit application.
• Assist the Infrastructure lead with managing disaster recovery and penetration test projects. Requires building new infrastructure and integration. 
• Assist with the day-to-day management of the AWS production and development VPC. 
• Work with external vendors to gain HITRUST certification in a SaaS environment.
• Support AWS security processes, blueprints, and documentation.
• Support AWS infrastructure, including patch management and cybersecurity, using 3rd party tools.
• Maintain employee on-boarding/off-boarding, password resets, white-listing customer ingress, resource provisioning & tear-down.
• Coordinate and complete projects working with 3rd party vendors on penetration testing and AWS infrastructure management.
• Develop and document robust security policies, guidelines, and procedures pertaining to the protection of systems and data, including disaster recovery, and ensure compliance.
• Participate in security committee meetings and proactively advise of any potential security threats or risks to the platform.
• Report actual or suspected breaches & vulnerabilities in the confidentiality, integrity, or availability of systems and data to the security committee or to the Manager of Data Security Engineering
• Answer security questionnaires from customers in assistance to the sales team and drive security-related discussions and documentation around the MDaudit Enterprise platform.
• Support proof-of-concept initiatives to evaluate new technologies.
• Provide periodic feedback on network performance for architecture group members.
• Monitor and report on the progress of development projects.
• Keep abreast of current trends in cloud security architectures and development environments.
• Look for possible new revenue streams, applying existing and future system architectures to observed healthcare trends and problems.
• Adhere to security policies, guidelines, and procedures pertaining to the protection of systems and data.
• Review a list of users/accounts on a quarterly basis. Notify IT of users/accounts to be removed.
• Identify data retention requirements.
• Ensure data is retained only for the duration of its useful life and per compliance and contractual requirements.

REQUIRED SKILLS 

• Excellent verbal and written skills 
• Project management and Agile skills

EDUCATION AND/OR EXPERIENCE 

• Deep Knowledge of security frameworks and regulations relevant to healthcare and SaaS (HIPAA, NIST, HITRUST)
• 3-5 years of infrastructure, security, and architecture experience with cloud services, AWS preferred
• 5+ years of experience in information security, with a focus on threat detection, incident response, and security operations.
• Experience with SIEM platforms, vulnerability management tools, and endpoint security solutions.
• 3-5 years of demonstrated ability to design, create, and drive the implementation of systems to solve complex business problems.
• Hands-on configuration and scripting for AWS cloud environments. AWS certification is a plus.
• 3-5 years' experience with design, implementation, and administration of database systems like SQL Server, Snowflake, etc.
• Training in AWS solution architecture – Security Specialty/SysOps Admin/Associate
• Healthcare industry certifications related to data and application security – preferred.

APPLICATION/SPECIALIZED KNOWLEDGE 

• Demonstrated ability to integrate business and operational processes with technical solutions. 
• Experience with healthcare data (EDI Claims, Payments, and Clinical data) preferred.
• Ability to apply specialized knowledge to current MDaudit business needs. 
• Experience with reporting tools required. BI and AI reports experience a plus 
• A solid understanding of health care information systems 
• Detailed knowledge of data modeling 
• T-SQL, PowerShell, Linux/Bash, Azure CLI, C# or other programming experience - preferred