Summary
Join Softheon, a SaaS organization dedicated to affordable healthcare, as a Cloud Security Specialist. This remote role requires strong collaboration and expertise in Azure cloud security. You will design and implement security frameworks, manage policies, respond to threats, and ensure compliance with regulations like HIPAA. The position demands experience with Azure, security tools, and incident response. Softheon offers a competitive salary, comprehensive benefits, and opportunities for professional development.
Requirements
- A Bachelor's degree in Computer Science, Information Security, or a related field is preferred; however, equivalent relevant experience will also be considered
- SC-200 or SC-400 is mandatory prior to start date
- Minimum of 8-10 years of professional working experience in IT Operations, Cyber Security, or a related field
- Minimum of 5 years of experience in cloud security or related roles. Proven experience with Azure cloud platform and associated security controls
- Must have experience working with either HIPAA, SOC, or PCI Audits in a Cloud Security Environment
- Must have experience working with Defender/Defender XDR
- Strong knowledge of cloud security architecture, tools, and best practices
- Experience with network security, encryption technologies, and identity management
- Excellent problem-solving abilities with a keen attention to detail
- Ability to analyze security incidents and develop appropriate response strategies
- Strong verbal and written communication skills
- Ability to convey complex security concepts to non-technical stakeholders
- Collaborative mindset with the ability to work effectively in a team-oriented environment
- Proven ability to manage multiple priorities and projects simultaneously
- Candidates must be willing and able to respond promptly as needed, and on-call scheduling may be arranged in advance to ensure coverage
- This position will require you to work EST (9am – 6pm EST)
Responsibilities
- Design and implement cloud security frameworks
- Architect and deploy robust security controls for Azure-based cloud infrastructure, ensuring alignment with organizational security policies and standards
- Review and improve security configurations for Azure services, ensuring appropriate access control, encryption, and security monitoring
- Define and enforce security policies for cloud usage, ensuring that data is protected, encrypted, and appropriately monitored
- Perform regular security audits of cloud environments, including vulnerability scanning and penetration testing, to identify and mitigate risks
- Act as the primary point of contact for cloud security incidents
- Lead efforts to contain, investigate, and remediate breaches or threats
- Conduct threat-hunting activities within Azure cloud environments to uncover potential risks and misconfigurations before they lead to security incidents
- Leverage tools like Microsoft Sentinel to correlate security events and detect abnormal patterns in network and system activity
- In the event of a security breach, perform forensic analysis to determine the cause and prevent future occurrences
- Lead efforts to ensure the cloud environment meets regulatory requirements and is fully prepared for external and internal security audits
- Develop and enforce governance frameworks to ensure ongoing compliance with security standards and legal requirements (e.g., HIPAA, GDPR, SOC 2)
- Assess the security posture of third-party vendors, ensuring that their practices meet compliance and security requirements when integrating with the organization's cloud systems
- Automate repetitive security tasks using tools like Microsoft Azure Security Center, Microsoft Defender, and Sentinel to improve operational efficiency
- Design and implement a Zero Trust security model within the Azure environment, ensuring secure access to resources
- Establish and maintain real-time monitoring and alerting systems using cloud-native tools and services to ensure timely identification of vulnerabilities or suspicious activities
- Oversee the integration of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems to streamline incident response
- Educate DevOps, engineering, and IT teams on best practices for secure cloud development, including secure coding and configuration
- Partner with DevOps teams to integrate security into CI/CD pipelines, ensuring secure code deployment and infrastructure provisioning
- Collaborate with IT, product, and legal teams to ensure cloud security practices align with business goals and regulatory frameworks
- Develop and maintain detailed incident response playbooks to ensure a consistent and effective approach to security breaches
- Provide detailed security reports, including audit logs and incident findings, for compliance reviews and audits
- Define, track, and report key security metrics (e.g., number of incidents, MTTR) to senior management to continuously improve security posture
- This position may require occasional on-call availability, estimated to be less than 20% of the time, to address urgent issues or support business needs outside of regular working hours
Preferred Qualifications
- Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security – Specialty) are a plus
Benefits
- Salary: $120,000 - $150,000
- Opportunity to work on cutting-edge cloud-based healthcare solutions
- Work from your home company with a one-time home office stipend
- Excellent benefits package that includes health, vision and dental coverage for you, your spouse and dependents
- Additional benefits, including a monthly wellness stipend and internet stipend, 401K w/ a match; immediately vested, employee assistance program, disability/life insurance, and parental leave
- 15 days to Discretionary PTO based on YOS plus 9 additional holidays
- Referral bonuses, discretionary bonus program, spot bonuses and professional development opportunities
- An opportunity for you to be part of a team committed to improving healthcare access and affordability by leveraging innovative technology solutions