Sr. Information Security Engineer

Reveleer
71d
Match Resume

About The Position

The Senior Information Security Engineer plays a key role in safeguarding the company’s cloud-based healthcare SaaS platforms, infrastructure, and customer data. This position is responsible for designing, implementing, and managing enterprise-grade security solutions that align with regulatory frameworks such as HIPAA, HITRUST, SOC 2, and NIST 800-53. The ideal candidate is a hands-on technologist with deep knowledge of cloud security (AWS/Azure), DevSecOps practices, endpoint protection, identity management, and security automation.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or equivalent experience.
  • 5+ years of experience in security engineering or related technical security roles.
  • Strong knowledge of cloud-native security (AWS, Azure) and modern SaaS architectures.
  • Hands-on experience with SIEM, EDR/XDR, IAM, vulnerability management, and security automation.
  • Familiarity with HIPAA, HITRUST, and SOC 2 requirements.
  • Experience securing containerized and serverless workloads (e.g., EKS, Lambda).

Nice To Haves

  • Certifications such as CISSP, CISM, CCSP, AWS Security Specialty, or GIAC (GSEC, GCIA, GCIH).
  • Experience with Terraform, Ansible, or CloudFormation for infrastructure-as-code security.
  • Experience in DevSecOps pipelines and tools (e.g., Jenkins, Bitbucket).
  • Strong scripting skills (Python, PowerShell, or Bash).

Responsibilities

  • Design and maintain secure architectures across AWS, Azure, and GCP environments.
  • Implement guardrails and controls using services such as AWS Security Hub, GuardDuty, Config, and IAM.
  • Conduct regular vulnerability scans, configuration reviews, and remediation tracking for infrastructure and workloads.
  • Develop and enforce network segmentation, encryption, and key management policies.
  • Collaborate with DevOps and Engineering to integrate security into CI/CD pipelines (Snyk, StackHawk, etc.).
  • Perform threat modeling, code reviews, and secure design reviews for microservices and APIs.
  • Support penetration testing and application security validation efforts.
  • Help ensure PHI/PII is protected across all SaaS platforms.
  • Manage and enhance EDR/XDR solutions (e.g., Cortex, Defender for Endpoint).
  • Implement and monitor identity security controls through Microsoft Entra ID (Azure AD), Conditional Access, and PIM.
  • Support Intune and MDM compliance policies for Windows, macOS, and mobile devices.
  • Monitor alerts, investigate incidents, and coordinate responses with the SOC.
  • Develop and improve incident response runbooks, playbooks, and forensic analysis procedures.
  • Support SIEM integrations and continuous improvement of detection use cases.
  • Support audits and evidence collection for HIPAA, HITRUST, SOC 2, and customer security assessments.
  • Maintain asset inventories, risk registers, and remediation tracking.
  • Collaborate with Compliance to ensure alignment between security controls and policies.
  • Contribute to security awareness and training initiatives.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Career Level

Senior

Education Level

Bachelor's degree

Number of Employees

251-500 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service