Summary
Join Sword Health, a Forbes Best Startup Employer, and become a Security Engineer at the forefront of safeguarding our cloud infrastructure and applications. You will design, implement, and maintain secure cloud-based infrastructure and applications across GCP and AWS, ensuring HIPAA and GDPR compliance. Your responsibilities include incident response, threat monitoring, root cause analysis, and collaboration with cross-functional teams. This role requires a Bachelor's degree, 5+ years of cloud security experience, and proficiency in scripting languages. We offer competitive benefits, including health insurance, remote work options, flexible hours, and unlimited vacation.
Requirements
- Bachelor's degree in Computer Science, Information Security, or equivalent work experience in a related field
- Minimum of 5 years of experience in cloud security, with hands-on experience in GCP and AWS
- Strong understanding of cloud security concepts, including IAM, network security, encryption, and secure cloud configurations
- Proficiency in scripting languages (e.g., Python, Bash) for automation and infrastructure management
- Experience with cloud security tools such as Google Security Command Center, Wiz, AWS Security Hub, AWS GuardDuty, and SIEM platforms
- Knowledge of common security frameworks and standards, such as NIST, CIS, and COBIT
- Excellent problem-solving skills and the ability to think critically and strategically
Responsibilities
- Design, implement, and maintain secure cloud-based infrastructure and applications, and secure configurations across GCP and AWS to ensure Sword remains secure and HIPAA- and GDPR-Compliant
- Ensure incident response capability through the evaluation of our logging and traceability resources, providing guidance on optimal resource utilization and availability
- Monitor cloud environments for security threats, vulnerabilities and misconfigs, and respond promptly to security breaches, ensuring effective incident response protocols
- Perform root cause analyses (RCA) and incident reviews
- Advise on compensatory and mitigatory controls strategically, serving as a key element in incident response management
- Collaborate with cross-functional teams to design, develop, and implement infrastructure automation, shell scripts, and other programs that enhance security
- Identify and ensure the availability of crucial data sources and logs used by the security team
- Management of vulnerabilities and patching policies
- Develop, evangelize, and monitor the adoption of sound cloud security practices and standards, acting proactively to hardening and fine tuning initiatives
- Perform root cause analyses (RCA) and incident reviews
- Develop new, and review/update existing security-related configurations of Sword Healthβs infrastructure
- Identify new, and ensure availability of existing Sword Health data sources and logs that are being used by various Sword Health Security teams
- Ownership and management of preventative security measures and services related to Sword Health, i.e. GCPβs Security Command Center, Wiz, etc
Preferred Qualifications
- Experience with secure software development practices
- Knowledge of container orchestration platforms (e.g., Kubernetes)
- Familiarity with threat modeling and risk assessment methodologies
- Experience in tailoring and implementing compensatory/mitigatory controls in cloud environments
- Strong communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders
- Experience leading security-related projects and working in cross-functional teams
- Demonstrated ability to collaborate effectively with colleagues and build strong working relationships
- Certifications such as AWS Certified Security - Specialty, Google Cloud Professional Cloud Security Engineer, or Certified Information Systems Security Professional (CISSP) are highly desirable
Benefits
- Health, dental and vision insurance
- Meal allowance
- Equity shares
- Remote work allowance
- Flexible working hours
- Work from home
- Unlimited vacation
- Snacks and beverages
- English class
- Unlimited access to our Learning Platform
Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.