Please note I have direct access to the Hiring Director of Security on this position.
Position is 100% Remote.
This is an outstanding opportunity for a Sr. AWS Cloud Security Engineer to drive the ground-up design and build-out of a CSPM Program and environment for a growing SaaS HealthTech Software Company.
We are a leading SaaS HealthTech Software Company in our niche and are looking for a Sr. AWS Cloud Security Engineer. We are a privately held company backed by Private Equity, have been in business for 20+ years, with $40+M in revenue (25% increase over the previous year) and are an active philanthropic institution.
The Sr. AWS Cloud Security Engineer will work with the Director of Security on the design, build-out and implementation of the Cloud Security Posture Management (CSPM) program within the AWS ecosystem. The Sr. AWS Cloud Security Engineer will:
- Utilize Aikido to manage, automate, consolidate and streamline the CSPM Program.
- Lead the Compliance Audit, Certification, Enforcement and Automation for PCI DSS (first-time certification), SOC 2 (Audit and Certification in progress) and HIPAA (previously certified and to be renewed this year).
- Utilize AWS Inspector, Aikido and DataDog for Vulnerability Management to establish and maintain a strong security posture by identifying, analyzing, prioritizing, and remediating security weaknesses.
- Establish and implement an Incident Response Plan to minimize damage, remediate, restore operations, and prevent future incidents.
- Utilize AWS CloudFormation, AWS Backup and AWS DRS to fully manage Cloud Backup and Recovery Services that centralize and automate the backup and restoration of data across various AWS services (RDS, ECS, etc.).
- Utilize AWS CloudWatch and DataDog for monitoring, AWS GuardDuty for threat detection and AWS CloudTrail for tracking.
The Sr. AWS Cloud Security Engineer reports to the Director of Security, with dotted-line reporting to the vCISO.
Requirements:
- Must Have: 7-10+ years of Security Engineering experience, including recent AWS Cloud Security.
- Must Have experience either working within or standing up a CSPM (Cloud Security Posture Management) Program; preferably with AWS Security Hub and/or Aikido.
- Must have led or participated in PCI DSS, SOC 2 and/or HIPAA Audits and Compliance Certifications.
- Must have experience managing Vulnerability Management, Monitoring, Incident Response and Disaster Recovery within an AWS ecosystem (preferably with AWS CloudFormation, AWS CloudWatch, DataDog, AWS GuardDuty, AWS CloudTrail, AWS Backup, AWS Lambda and/or AWS DRS).
- Experience with any of the following is only a Plus; NOT Mandatory: AWS and/or Okta IAM, AWS and/or Okta SSO, AWS and/or Okta for MFA, AWS MSA, AWS Inspector, GitHub Dependabot, AWS Lambda, DataDog for SIEM, AWS VPC, AWS S3 bucket policies, AWS Config, AWS WAF and/or Application Security (SAST, DAST, SCA, etc.). Again, NOT Mandatory, only pluses.
- BS or MS in Computer Science, Cybersecurity, Information Technology, or a related technical field.
- Any Security Certifications are a plus. In order of importance: AWS Certified Security Specialty, Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) and/or PCI Professional (PCIP).
Benefits
We offer a comprehensive benefits package including matching 401K; 3 weeks vacation; HMO/PPO medical, dental, and vision coverage for employees; paid company holidays; flexible spending plans; HSA; life and disability insurance; EAP; and a casual work environment.