CloudSecOps Security Engineer III (US)

About the position As a CloudSecOps Security Engineer III, you will be responsible for the security of the Clinisys SaaS cloud environments. You will research new technologies and influence the security roadmap with the aim of hardening Clinisys environment including Azure, AWS, and data centers.

Responsibilities

• Conduct regular security assessments, risk assessments, and vulnerability assessments to identify and mitigate risks and vulnerabilities in the Clinisys SaaS environment.
• Assess system security posture and identify risks.
• Review vulnerability and compliance scans, and prioritize security risks for remediation.
• Manage security projects remediating risks and implementing security systems.
• Design, implement, and continuously improve continuous monitoring, vulnerability monitoring, auditing, as well as development of system standards, policies, and procedures for the Clinisys SaaS environment.
• Revise, Develop, and Implement information security policies and procedures in accordance with ISO, CIS, NIST, HIPAA, GDPR, NHS Policy, IRAP, etc.
• Collaborate with other departments to ensure security is ingrained and conduct security trainings to raise awareness.
• Stay informed of the latest developments in cloud security.
• Ensure compliance with legal, regulatory, and contractual security requirements.
• Lead emergency response efforts in the Clinisys SaaS environment. Contain risk, analyze root cause, implement changes based on lessons learned.
• Assist with security questionnaires and security customer calls.
• Provides subject matter expertise and support for security software, including operational aspects of the software.
• Provides subject matter expertise during the analysis and documentation of cybersecurity technical requirements, including hardware and software components, with the objective of standardizing security throughout the company's infrastructure.
• Stay informed about emerging threats and security trends, recommending and implementing new security measures as needed.
• All other duties and responsibilities as assigned.

Requirements

• Proven experience in the implementation of complex IT projects including deployment and administration.
• Strong ability to identify, assess, and prioritize network and system vulnerabilities, coupled with expertise in recommending appropriate mitigation strategies.
• Familiarity with penetration testing methodologies and common hacking techniques to better understand and anticipate potential threats.
• Proficiency in security architectures and protocols, including authentication and access control technologies, encryption and key management, network traffic analysis, and Web Application Firewalls.
• Experience with incident handling procedures and forensic analysis techniques.
• Knowledge of cloud security principles and best practices.
• In-depth understanding of security technologies and concepts, including firewalls, proxies, Security Information and Event Management (SIEM) systems, Intrusion Detection and Prevention Systems (IDPS), and endpoint protection solutions.
• Familiarity with DevSecOps practices and tools for integrating security into the development lifecycle.
• Strong analytical skills with the ability to translate technical findings into actionable recommendations for both technical and non-technical stakeholders.
• Ability to influence others on best security practices.
• Scripting or programming ability in multiple languages.
• Ability to complete projects on time and within budget.
• Solid logic and organizational skills.
• Analysis and design skills.
• Bachelor's degree in information security, network security, cybersecurity, digital forensics, or other relevant combination of training and education.
• CompTIA Security+ certification.
• AWS Certified Security - Speciality Certification, Microsoft Certified Azure Security Engineer, or Microsoft Certified Cybersecurity Architect.
• 8 years of experience in security, such as information security officer, security architect, security design and implementation.
• 5 years of experience and expert-level knowledge of the Windows and Linux Operating Systems.
• 5 years of experience with securing cloud hosting solutions such as AWS, Google Cloud, or Azure.

Nice-to-haves

• Master's degree in information security, network security, cybersecurity, digital forensics, or other relevant combination of training and education.
• EC-Council Certified Ethical Hacker (C|EH).
• ISC2 Certified Cloud Security Professional (CCSP).
• SC2 Certified Information Security System Professional (CISSP).

Benefits

• Health and wellness benefits.
• 401 (k) Savings Plan.
• Stock incentive programs.
• Paid time off.
• Parental leave.
• Tuition assistance.

Apply tot his job Apply To this Job