Senior Cloud Security Engineer at Long Beach, CA onsite

About infinite:

Infinite is a global leader in digital engineering and IT services, with over 20 years of experience driving digital transformation. We partner with leading Fortune 1000 companies to deliver innovative, scalable technology solutions that accelerate business outcomes.

With deep expertise in telecommunications, healthcare, banking, and finance, Infinite helps organizations optimize and modernize their technology landscapes to achieve long-term growth and efficiency.

Job Description:

We are seeking a skilled Cloud/App Security Engineer with expertise in Microsoft Azure to design, deploy, and secure our cloud infrastructure with detail to regulatory compliance (HIPAA, HITRUST), high availability, and data security for patient-centric solutions. The ideal candidate will have a deep understanding of cloud security and application security, including experience with APIs, DevSec, and Cloud applications. They will be responsible for designing, implementing, and testing security solutions and controls for our organization's applications and integrations.

ESSENTIAL JOB RESULTS:

• 5+ years of experience in cloud/app security, with at least 2 years focused on Microsoft Azure. Proven experience with Azure DevOps for CI/CD pipelines and Infrastructure as Code (IaC) implementation.

• Strong knowledge of coding best practices and alignment with OWASP.

• Design and implement scalable, secure, and resilient security solutions for Azure cloud infrastructure solutions tailored to healthcare applications and sensitive patient data.

• Secure Azure resources such as Virtual Machines, App Services, Azure SQL, Entra ID, Azure Storage Accounts, Azure Container Registry, Azure Kubernetes, Azure Data Factory, Private Endpoints, and Virtual Networks.
• 
  Strong understanding of IAM, RBAC, and Managed Identities and experience with creating and provisioning least privileged roles in alignment with Zero Trust.

• Develop and manage Infrastructure as Code (IaC) using tools like ARM templates, Bicep, or Terraform within Azure DevOps CI/CD pipelines.
  
  Familiarity with Azure security and networking components, such as Azure Firewall, Network Security Groups (NSGs), and Virtual Networks (VNets).

• Automate cloud security and deployments using Azure DevOps, GitHub, or PowerShell.

• Monitor system performance and availability using Azure Monitor, Log Analytics, and other monitoring tools.

• Working knowledge of Vulnerability and Application Security using Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).

• Work collaboratively with cross-functional teams to support DevOps practices and CI/CD pipelines and implement best practices.

• Extensive hands-on experience in securing and support of Microsoft Technology stack for example: Azure Resources, Defender for Cloud, Azure DevOps, Azure Advanced Security, M365, O365, Power platform/Dynamics, SharePoint Online, Intune, and Windows 365 Cloud PC/DaaS.

• Supports Microsoft and Linux technologies - design, architecture, and Implementation, Active Directory/EntraID, Intune, and IIS) including 32-bit and 64-bit architecture.

• Skills in API usage for integration and CLI and SDKs for application troubleshooting are desirable.

• Wear multiple hats and work in a team with team members having similar skills sets.

• Project and task management that includes planning, prioritizing, organizing, gathering facts, exercising sound judgment in problem solving, decision making and facilitating solutions.

• Maintains data integrity in the organization’s systems while keeping strict confidentiality of the information within.

• Adapts to frequently changing priorities and deadlines.

• Detail oriented with ability to follow through to completion, along with the ability to focus on tasks and maintain concentration to complete tasks and assignments.

• Maintains professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.

• Provides escalation support for various development and infrastructure teams as well as other groups within IT. Contributes team effort by accomplishing related results as needed. Ensure accurate and timely completion of all the work assigned.

PREFERRED QUALIFICATIONS:

• Bachelor’s degree in computer science or equivalent experience (minimum 10 years).
• Active Azure and/or AWS cloud Engineer certification required.
• Relevant certifications (preferred but not required), such as Microsoft Certified: Cybersecurity Architect Certified, CISSP, CSSP
• Experience in Agile/Scrum environments.
• Knowledge of securing hybrid cloud architectures integrating Azure with on-premises infrastructure.
• Strong verbal and written communication skills.
• Experience with Change/Release Management.
• Experience with HIPAA compliance and HITRUST certification.
• Technical knowledge of Configuring Identity Management and Roles.
• 5+ years of experience with Application Security.
• Experience with application monitoring of Windows systems and services.
• Dev Experience and hands on with experience with coding languages such as Python.
• Must be able to provide exceptional technical documentation.
• Demonstrate problem solving skills and troubleshooting techniques.
• Ability to multi-task and handle a variety of work assignments.
• Ability to maintain data integrity in the organization’s systems and strict confidentiality of information.
• Must be able to work under frequently changing priorities and deadlines.
• Detail oriented with ability to follow through to completion, along with the ability to focus on tasks and maintain concentration to complete tasks and assignments.