Cloud Security Engineer
Come Join our team!!
As a key member of the Information Security (InfoSec) Team, you will be responsible for both day-to-day operational items, as well as occasional special projects. Your work is critical to the maintenance of our secure data environment and requires that you have a fundamental understanding of key information security principles, as well as a command of the tools used to support a modern data processing platform built on cloud infrastructure. You will work collaboratively with Infrastructure, Development, Compliance and Production support teams to assure that the security and integrity of the data environment is maintained.
- Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers. Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams Employ cloud-based APIs to write network/system level tools for safeguarding cloud environments.
- Responsible for automating security controls, data, and processes to provide improved metrics and operational support. Monitors, reviews and audits infrastructure and system architecture to assure alignment with company information security policies, controls, and standards.
- Stay abreast of emerging security threats, vulnerabilities, and controls.
- Conducts security assessments and audits to locate and address vulnerabilities.
- Conduct System Log analysis and security monitoring to detect and respond to unauthorized access and potential threats.
- Assists with ensuring the organization’s protected health information security program is compliant with applicable federal and state laws and regulations.
- Assists in establishing system controls by developing and implementing HITRUST and CIS framework objectives; ensuring appropriate levels of privileged and end user access; recommends improvements.
- Assists with ensuring HIPAA and PCI (Payment Card Industry) compliance.
- Has responsibilities with Business Continuity and Disaster Recovery.
- Has responsibilities in managing the Risk Registry and Incident Logs.
- Develops and maintains security control artifacts for auditing purposes.
- Works with internal and external teams ensuring recovery from backup; disaster preparedness; security related change control and conducting and documenting security related root cause analysis efforts and results; recommending improvements.
- Participates in third party Pen Test, Security Risk Assessments and Vendor Risk Assessments.
- Active member of Panoramic Health’s Incident Response Team; investigates threats and documents remediation activities.
- Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Perform other duties and responsibilities as required, assigned, or requested.
- Bachelor's degree in information technology, Computer Science, Business Administration, or another related field preferred. High school diploma / GED with extensive Information Systems or Computer Science experience is also acceptable.
- Formal certifications such as CSSP, CISSP or HCISSP preferred.
- 4-6 years of experience in Cloud platform security and operational information security required.
- Strong working experience with Windows operating systems, Azure, and AWS cloud ecosystems.
- Proficiency with major operating systems.
- Fluency in different programming languages.
- Knowledge of security frameworks; HITRUST and CIS required.
- Advanced knowledge of Information Security practices, policies, and procedures.
- Great verbal communication skills to convey information to the relevant audience, as well as exceptional written communication skills, documentation, and reporting.
- Ability to self-motivate, work proactively and independently, as well as ability to effectively work in a team environment and maintain strong working relationships.
- Excellent analytical and troubleshooting skills to constantly monitor systems to identify threats and vulnerability, execute security architecture, and effectively address external threats.
- Working technical aptitude of network protocols and security architecture.
- Ability to contribute to process improvement, problem solving, and manage projects.
- Ability to prioritize and manage multiple high priority tasks and competing priorities in a complex and dynamic environment.
- Ability to convey a strong presence and professional image.
- Ability to work in a fast-paced and rapidly changing environment and consistently meet strict service level agreement performance requirements.
- Advanced working knowledge of Microsoft O365 toolset (Word, Project, Excel, and PowerPoint required; Visio preferred).
- Technical proficiency with network and IT Security technology platforms, e.g., Vulnerability and patch management solutions, anti-virus/malware solutions/endpoint detection and response, Multi-Factor Authentication, Mobile Device Management, Azure Active Directory, MS Azure IaaS, Intune, MS Sentinel SIEM (Security Information and Event Management), IPS (Intrusion Protection System), Firewalls, Wi-Fi controllers, etc.
- Experience with Qualys vulnerability and patch management preferred.
- Experience with MS Defender and Microsoft XDR (eXtended Detection and Response) ecosystem preferred.
- Experience with CrowdStrike Falcon preferred.
- Cloud platform security architecture.
- Certified Cloud Security Professional.
- Job Function IT
- Pay Type Salary
- Corporate Rio Salado, Tempe AZ, 850 West Rio Salado Parkway, Tempe, Arizona, United States of America
- Tennessee, USA
- Texas, USA