Remote Cloud Security Engineer

Summary

Join Ro's Cloud Security function in protecting the security and privacy of patients through cloud security engineering and architecture. As a senior-level individual contributor, you'll design and automate scalable architectures and tools, drive discussions and designs, and work closely with infrastructure and engineering teams to make secure infrastructure solutions.

Requirements

• 7+ years of experience in cloud security engineering and architecture
• Deep understanding of cloud security principles and best practices
• Extensive knowledge of fundamental security technologies, including firewalls, IDS/IPS, endpoint protection, IAM, encryption, and DLP
• Expertise with key tooling: Cloud Security Posture Management (CSPM), Cloud Native Application Protection Platforms (CNAPPs), Cloud Workload Protection Platforms (CWPPs) and Data Security Posture Management (DSPM)
• Expertise in securing and hardening cloud workloads, including containers, serverless architectures, and virtual machines
• Advanced experience with Infrastructure as Code (IaC) tools like Terraform, CloudFormation, and Pulumi
• High proficiency in programming or scripting languages for developing complex security automation solutions
• Comprehensive understanding of cloud and network security
• Demonstrated ability to perform in-depth security reviews of SaaS product architecture and its supporting infrastructure
• Familiarity with and ability to implement compliance standards HIPAA, HITRUST, CIS, NIST 800-53 and others
• Strong leadership and communication skills

Responsibilities

• Maintain and Operate Secure Cloud Infrastructure: Lead the ongoing maintenance and operation of secure cloud infrastructures, focusing on AWS and cloud-native technologies
• Cloud Native Application Protection: Secure applications built for cloud environments by automating security assessments, monitoring runtime environments, and integrating security practices into the development lifecycle
• Cloud Workload and Data Protection: Implement robust security controls for cloud workloads and data, including containers, virtual machines, and serverless architectures
• Kubernetes and Cloud Security Hardening: Lead security hardening across all cloud security layers, with a focus on Kubernetes clusters and cloud-native environments
• Collaborate on Secure Platform Solutions: Partner with infrastructure, product security, security engineering, and engineering teams to design and implement secure platform solutions
• Automation of Security Operations: Develop and deploy automation solutions to enhance security operations, reduce manual efforts, and ensure consistent security practices
• Security Incident Response: Contribute to incident response efforts, including detection, analysis, containment, and recovery
• Compliance, Risk Management, and Data Governance: Ensure cloud infrastructures comply with standards such as SOC 2, HIPAA, and HITRUST
• Technical Leadership and Mentorship: Act as a technical leader and mentor, promoting a security-first mindset

Benefits

• Full medical, dental, and vision insurance + OneMedical membership
• Healthcare and Dependent Care FSA
• Commuter benefits
• 401(k)
• Flexible PTO
• Fitness reimbursement
• Paid maternity/parental leave