Cloud Security Specialist

16 hours ago

Apply Now
Logo of Softheon

Softheon

Healthcare Reform Solutions • Solutions for Exchanges • Healthcare Information Management • Healthcare Transaction Management • Underwriting

201 - 500

💰 $200k Venture Round on 2009-03

Description

• Job Title: Cloud Security Specialist • Job Location: Remote • About us: Softheon is a dynamic and forward-thinking Software as a Service (SaaS) organization that is dedicated to ensuring affordable, accessible, and plentiful healthcare for every American. • Our Company Culture: Built on collaboration, innovation, and appreciation. • About the role: This role demands strong collaboration with cross-functional teams, ensuring the seamless integration of security practices across all cloud services, including IaaS, PaaS, and SaaS. • The Cloud Security Specialist will also develop and enforce security policies, monitor cloud configurations, respond to threats, and automate security processes, ensuring compliance with industry regulations such as HIPAA.

Requirements

• Cloud Security Management: • Design and implement cloud security frameworks: Architect and deploy robust security controls for Azure-based cloud infrastructure, ensuring alignment with organizational security policies and standards. • Cloud configuration and hardening: Review and improve security configurations for Azure services, ensuring appropriate access control, encryption, and security monitoring. • Policy management and enforcement: Define and enforce security policies for cloud usage, ensuring that data is protected, encrypted, and appropriately monitored. • Continuous security assessments: Perform regular security audits of cloud environments, including vulnerability scanning and penetration testing, to identify and mitigate risks. • Threat Management: • Incident detection and response: Act as the primary point of contact for cloud security incidents. Lead efforts to contain, investigate, and remediate breaches or threats. • Proactive threat hunting: Conduct threat-hunting activities within Azure cloud environments to uncover potential risks and misconfigurations before they lead to security incidents. • Security event correlation: Leverage tools like Microsoft Sentinel to correlate security events and detect abnormal patterns in network and system activity. • Forensics and root cause analysis: In the event of a security breach, perform forensic analysis to determine the cause and prevent future occurrences. • Compliance & Governance: • HIPAA, SOC, and PCI audit preparation: Lead efforts to ensure the cloud environment meets regulatory requirements and is fully prepared for external and internal security audits. • Cloud security governance: Develop and enforce governance frameworks to ensure ongoing compliance with security standards and legal requirements (e.g., HIPAA, GDPR, SOC 2). • Third-party vendor risk management: Assess the security posture of third-party vendors, ensuring that their practices meet compliance and security requirements when integrating with the organization’s cloud systems. • Security Tools & Technologies: • Security automation: Automate repetitive security tasks using tools like Microsoft Azure Security Center, Microsoft Defender, and Sentinel to improve operational efficiency. • Zero Trust architecture: Design and implement a Zero Trust security model within the Azure environment, ensuring secure access to resources. • Continuous security monitoring: Establish and maintain real-time monitoring and alerting systems using cloud-native tools and services to ensure timely identification of vulnerabilities or suspicious activities. • SIEM and SOAR management: Oversee the integration of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems to streamline incident response. • Collaboration: • Security training and advocacy: Educate DevOps, engineering, and IT teams on best practices for secure cloud development, including secure coding and configuration. • DevSecOps integration: Partner with DevOps teams to integrate security into CI/CD pipelines, ensuring secure code deployment and infrastructure provisioning. • Cross-departmental security alignment: Collaborate with IT, product, and legal teams to ensure cloud security practices align with business goals and regulatory frameworks. • Documentation & Reporting: • Security incident playbooks: Develop and maintain detailed incident response playbooks to ensure a consistent and effective approach to security breaches. • Audit and compliance reporting: Provide detailed security reports, including audit logs and incident findings, for compliance reviews and audits. • Key security metrics and KPIs: Define, track, and report key security metrics (e.g., number of incidents, MTTR) to senior management to continuously improve security posture.

Benefits

• Salary - $120,000- $150,000 • Opportunity to work on cutting-edge cloud-based healthcare solutions • Work from your home company with a one-time home office stipend • Excellent benefits package that includes health, vision and dental coverage for you, your spouse and dependents • Additional benefits, including a monthly wellness stipend and internet stipend, 401K w/ a match; immediately vested, employee assistance program, disability/life insurance, and parental leave • 15 days to Discretionary PTO based on YOS plus 9 additional holidays • Referral bonuses, discretionary bonus program, spot bonuses and professional development opportunities • An opportunity for you to be part of a team committed to improving healthcare access and affordability by leveraging innovative technology solutions

Apply Now

Similar Jobs

19 hours ago

Design and implement security solutions for Frontline Managed Services' IT infrastructure.

19 hours ago

CareSource

1001 - 5000

Manage third party risk compliance for CareSource’s information security operations.

Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or lior@remoterocketship.com