Senior Cybersecurity Engineer

Labcorp | Durham, NC
3d | Hybrid

About The Position

Laboratory Corporation of America (LCA) is seeking a Cybersecurity Engineer to join its Office of Information Security, reporting to the head of Security Engineering and Architecture. The Cybersecurity Engineer will have practical experience in multiple information security domains, with particular strengths in securing cloud-native environments and protecting regulated data, including PHI, PII, and PCI. More generally, the Cybersecurity Engineer will have a deep understanding of modern enterprise security challenges, including the secure adoption and advancement of AI technology and platforms, and will work with various teams to ensure Labcorp’s enterprise security strategy is carried out.

Applicants who live within 35 miles of either the Burlington, NC or Durham, NC location will follow a hybrid schedule. This schedule includes a minimum of three in-office days per week at an assigned location, either Burlington or Durham, supporting both collaboration and flexibility.

Requirements

  • Minimum 5 years of experience in cybersecurity.
  • Hands-on experience working with a major public cloud platform such as AWS, Azure, or GCP.
  • Experience in securing common cloud-native services residing in PaaS/IaaS environments.
  • A working understanding of modern identity and access management concepts as they relate to application authentication and authorization, especially OAuth 2.0 and OIDC.
  • Familiarity with REST APIs and healthcare standards such as HL7 FHIR and SMART on FHIR.
  • Experience in implementing security controls to protect regulated data.
  • Strong interpersonal, written, and oral communication skills.
  • Highly self-motivated and directed professional, with keen attention to detail.
  • Proven project management and organizational skills, specifically managing multiple, concurrent projects.
  • Excellent analytical, problem-solving and decision-making abilities.
  • Able to effectively prioritize tasks in a high-pressure environment.
  • Strong customer service and solution-focused orientation.

Nice To Haves

  • Bachelor's degree or higher is highly desired.
  • CISSP certification desired.
  • Familiarity with scripting – PowerShell, Python, shell scripting.
  • Familiarity with threat analysis models such as the Cyber Kill Chain and the MITRE ATT&CK framework.
  • Familiarity with identity-centric zero trust network access (ZTNA) solutions.
  • Previous experience in securing medical and related instrumentation devices.
  • Understanding of industry standards and compliance requirements related to cybersecurity and cloud computing—especially ISO 27001, HIPAA, and PCI DSS.
  • Familiarity with NIST and/or CIS benchmarks.

Responsibilities

  • Partner with other technical teams to design and drive the implementation of security controls for PaaS and IaaS environments and associated components. For example:
      • Infrastructure as code (IaC)
      • Container security (Kubernetes/EKS, ECS, image scanning)
      • Serverless functions/Lambda
      • Data services (S3, RDS, DynamoDB)
      • M365 Services (Entra, Purview, Intune)
  • Design, implement, and oversee security controls for AI platforms, including data governance, model integrity, access control, and adversarial threat mitigation.
  • Lead efforts to ensure sensitive data has appropriate protections in accordance with internal policy and external regulations. For example:
      • Encryption at rest (application encryption, transparent data encryption)
      • Encryption in-transit (TLS, IPSec tunnels)
      • Key management (KMS/Key Vault, HSM)
      • Tokenization/deidentification of PHI
  • Lead and participate in technical security reviews of strategic applications:
      • Collaborate with other IT teams to understand the design and document any risks.
      • Recommend and drive the adoption of technical controls to strengthen security posture.
  • Collaborate with application development teams on best practices for embedding fine-grained authorization inside of modern web applications and microservices.
  • Work alongside other team members to develop technical security standards and best practices across various security domains; socialize and evangelize to other IT teams.
  • Articulate common TTPs used by malicious software and threat actors, along with associated remediation, to other IT teams.
  • Provide level 3 support of security incidents as required.
  • Assist members of Governance, Risk, and Compliance to answer technical questions from auditors and clients.
  • In partnership with the broader Office of Information Security, research and recommend emerging security technologies/tools to address current and future threats.
  • Represent the interests of security and risk to other technical staff and business stakeholders.

Benefits

  • Employees regularly scheduled to work 20 or more hours per week are eligible for comprehensive benefits including: Medical, Dental, Vision, Life, STD/LTD, 401(k), Paid Time Off (PTO) or Flexible Time Off (FTO), Tuition Reimbursement and Employee Stock Purchase Plan.
  • Casual, PRN & Part Time employees regularly scheduled to work less than 20 hours are eligible to participate in the 401(k) Plan only.
  • Employees who are regularly scheduled to work a 7 on 7 off schedule are eligible to receive all the foregoing benefits except PTO or FTO.
© 2024 Teal Labs, Inc