Remote Cloud Security Specialist

Summary

Join Softheon, a dynamic SaaS organization dedicated to affordable, accessible, and plentiful healthcare for every American. As a Cloud Security Specialist, you will design and implement cloud security frameworks, monitor cloud configurations, respond to threats, and automate security processes. This role demands strong collaboration with cross-functional teams, ensuring seamless integration of security practices across all cloud services.

Requirements

• A Bachelor's degree in Computer Science, Information Security, or a related field is preferred; however, equivalent relevant experience will also be considered
• Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security – Specialty) are a plus and SC-200 or SC-400 is mandatory prior to start date
• Minimum of 8-10 years of professional working experience in the IT Operations, Cyber Security field or related field
• Minimum of 5 years of experience in cloud security or related roles
• Must have experience working with either HIPAA, SOC, or PCI Audits in a Cloud Security Environment
• Must have experience working with Defender/Defender XDR

Responsibilities

• Design and implement cloud security frameworks
• Architect and deploy robust security controls for Azure-based cloud infrastructure, ensuring alignment with organizational security policies and standards
• Review and improve security configurations for Azure services, ensuring appropriate access control, encryption, and security monitoring
• Define and enforce security policies for cloud usage, ensuring that data is protected, encrypted, and appropriately monitored
• Perform regular security audits of cloud environments, including vulnerability scanning and penetration testing, to identify and mitigate risks
• Act as the primary point of contact for cloud security incidents. Lead efforts to contain, investigate, and remediate breaches or threats
• Conduct threat-hunting activities within Azure cloud environments to uncover potential risks and misconfigurations before they lead to security incidents
• Leverage tools like Microsoft Sentinel to correlate security events and detect abnormal patterns in network and system activity
• Perform forensic analysis to determine the cause and prevent future occurrences of security breaches
• Lead efforts to ensure the cloud environment meets regulatory requirements and is fully prepared for external and internal security audits
• Develop and enforce governance frameworks to ensure ongoing compliance with security standards and legal requirements (e.g., HIPAA, GDPR, SOC 2)
• Assess the security posture of third-party vendors, ensuring that their practices meet compliance and security requirements when integrating with the organization’s cloud systems
• Automate repetitive security tasks using tools like Microsoft Azure Security Center, Microsoft Defender, and Sentinel to improve operational efficiency
• Design and implement a Zero Trust security model within the Azure environment, ensuring secure access to resources
• Establish and maintain real-time monitoring and alerting systems using cloud-native tools and services to ensure timely identification of vulnerabilities or suspicious activities
• Oversee the integration of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems to streamline incident response
• Educate DevOps, engineering, and IT teams on best practices for secure cloud development, including secure coding and configuration
• Partner with DevOps teams to integrate security into CI/CD pipelines, ensuring secure code deployment and infrastructure provisioning
• Collaborate with IT, product, and legal teams to ensure cloud security practices align with business goals and regulatory frameworks
• Develop and maintain detailed incident response playbooks to ensure a consistent and effective approach to security breaches
• Provide detailed security reports, including audit logs and incident findings, for compliance reviews and audits
• Define, track, and report key security metrics (e.g., number of incidents, MTTR) to senior management to continuously improve security posture

Benefits

• Salary - $120,000- $150,000
• Opportunity to work on cutting-edge cloud-based healthcare solutions
• Work from your home company with a one-time home office stipend
• Excellent benefits package that includes health, vision and dental coverage for you, your spouse and dependents
• Additional benefits, including a monthly wellness stipend and internet stipend, 401K w/ a match; immediately vested, employee assistance program, disability/life insurance, and parental leave
• 15 days to Discretionary PTO based on YOS plus 9 additional holidays
• Referral bonuses, discretionary bonus program, spot bonuses and professional development opportunities