How will this role have an impact?
The Cloud Security Engineer role is a hands-on, highly technical member of the Security Operations team focused on cloud and developer security. As a part of this team, you will interact with Site Reliability Engineers, Infrastructure Engineers, DevOps Engineers, Developers, and Security Engineers to help expand, maintain, and secure the cloud infrastructure that supports Signify Health, our personnel, partners, patient data, and technology platform.
Key alignment to the Governance, Risk, and Compliance (GRC) teams to ensure regulatory and contract requirements are satisfied, understood, and reflected within application design and infrastructure is a key function of this role. To facilitate this, the Cloud Security Engineer II role is an embedded role within the Development Engineering team where they will be instrumental in supporting development initiatives, building working relationships, and ensuring that security expertise is readily available as part of the development lifecycle. The role will report to the Director, Security Operations and is a focused extension of the Security Engineering program.
What will you do?
- Work with other teams to identify, resolve, and mitigate vulnerabilities in their systems.
- Evaluate or create new technologies and services in order to solve complex security issues.
- Perform design reviews and risk assessments for new applications integrating with core services.
- Develop automation to detect, remediate, and enforce security standards for the appropriate cloud platform.
- Guide product engineering teams to adopt security standards directly in our software and development lifecycle.
- Perform analysis of log files and data outputs. Perform triage of incoming issues using a ticketing & tracking system.
- Provide tuning recommendations of security tools and services based on the analysis of empirical data and suggest improvements for consistent metrics across multiple cloud platforms.
- Produce and review daily and weekly metrics for security events.
- Propose, design, and build new systems, solutions, and processes as required.
- Create and maintain documentation for new and existing processes and deployments.
- Stay up-to-date with trends in the information security community to include knowledge of new vulnerabilities, methodologies, and products.
We are looking for someone with:
- Accessibility to Galway required at least at least once per month
- Cloud: Worked with AWS, understands VPC, Security Groups, EC2, S3,...(or equivalent cloud).
- Bachelor’s of Science degree in Computer Science, Engineering, Computer Security, Information Systems, or related field, OR comparable level of professional experience.
- Experience with technologies from at least one public cloud (AWS, GCP, Azure).
- Experience with open source technologies like Git, Terraform, Docker.
- Experience in at least one programming language (Java, Python or Go).
- Produce reports and participate in code reviews, design discussions, etc.
- Experience mentoring peers without security backgrounds.
- Knowledge of attack vectors (malware, web application, social engineering, etc) and attack surfaces (ports, firewalls, incoming data processing, interfaces, etc).
- Experience with open source technologies and environments.
- Automation and scripting experience in Python or similar.
- Hands-on experience with Windows, MAC, Linux, at least one public cloud (AWS, GCP, Azure) and network fundamentals as it relates to the cloud platform of choice.
Preferred Qualifications include:
- Strong competencies in data structures, algorithms, and software design.
- Experience adopting security practices across an enterprise.
- Experience with container orchestration and service mesh technologies like Kubernetes, Envoy, and Consul.
- Professional Security certifications: AWS Certified Security, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer, Certified Cloud Security Professional (CCSP), Certificate of Cloud Security Knowledge (CCSK), and GIAC Certifications.
- Fast-paced environment
- Frequently stationary for 5-8 hours per day
- Use corporate managed technology effectively
- Work effectively with frequent interruptions
- May require occasional overtime to meet project deadlines
- May be required to come to office occasionally for corporate gatherings and face-time
Signify Health partners with leading health plans, healthcare providers, biotechnology and pharmaceutical companies, and technology companies to improve the quality of life by providing comprehensive care where and when it's needed most. In addition, Signify Health delivers software and services that enable payers, employers and at-risk providers to organize and finance healthcare delivery around a patient’s episode of care.
With an innovative logistics and clinical workflow technology platform, exhaustive data set, and an unparalleled national clinical network, the company provides tech-enabled care services to vulnerable populations within the routine of their daily lives to improve health and quality of life. Signify Health delivers its services to partners at more than 1,000 healthcare locations nationwide and serves well over one million health plan members each year, providing health risk evaluations, complex care management, outcomes-based pharma services, and specialized medical services in the home and other convenient locations.
Signify Health has multiple offices in Texas with additional locations in Connecticut, New York, South Dakota, and Ireland. To learn more, please visit www.signifyhealth.com.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided