Remote Senior Cloud Security Engineer

Summary

Join Rightway as a pioneering Sr. Cloud Security Engineer to lead cloud environment security compliant with HIPAA and HITRUST standards, fortify current infrastructure, and shape new cloud initiatives.

Requirements

• 7 years of experience, with at least 3 years in a dedicated cloud security or DevOps/DevSecOps/SRE role
• Proficient in both data manipulation languages (e.g. Python) for security analysis and infrastructure-as-code (e.g. Terraform, CloudFormation)
• Intimately familiar with infrastructure security concepts such as rate limiting, lateral movement, key management, container escape, etc
• Skilled using AWS GuardDuty, Inspector, Landing Zones or other security services
• Operated in one or more regulated environments (e.g., healthcare, finance, education)
• Able to explain nuanced infrastructure and security concepts to diverse stakeholders
• Positive, collaborative, and proactive attitude comfortable working independently

Responsibilities

• Partners with DevOps/SRE function to provide security input and architecture review of current AWS infrastructure and greenfield AWS/Kubernetes infrastructure (EKS)
• Deploy tooling such as Prowler, CloudCustodian, etc. to perform best practice assessment and embrace Governance as Code, to meet HIPAA/HITRUST requirements
• Design and enforce robust security controls to enhance key management
• Craft scripts for threat detection and incident response, ensuring our proprietary applications remain secure against emerging threats
• Spearhead the scoring and triage of vulnerabilities, applying context to CVSS scores and utilizing threat intelligence, and other measures of exploitability (e.g., EPSS) to prioritize real risks over false positives
• Manage zero-trust network architectures, ensuring secure and compliant connectivity between endpoints and cloud services. (e.g., ZScaler, Twingate)
• Evaluate and deploy vulnerability scanners for web application, image, and container runtime security (e.g., Snyk, Trivy, StackRox, Checkov, Falco, Grype)

Preferred Qualifications

• Maintains a cloud/security certification such as CCSP, AWS Solutions Architect, AWS Security Specialty
• Interest in growing into other areas of security
• Experience setting up application security infrastructure such as Snyk
• Experience with integrating security tools into CI/CD pipelines