Healthcare Tech company seeking a skilled Senior Cloud Security Architect to help build a secure cloud-based, web-scale platform while analyzing infrastructure implementations and identifying threat vectors and security issues. The Senior Cloud Security Architect should have a DevSecOps mindset, deep understanding of infrastructure and data security and will be highly invovled in contributing to new architecture designs, threat modeling and recommending appropriate security monitors.
Competitive compensation will be commensurated with experience.
Opportunity is fully-remote.
Core Responsibilities
- Threat Modeling and risk analysis to provide recommendations for AWS Services. (Secure-by-Default AWS Architecture)
- Evangelize cloud infrastructure security best practices to all the engineering teams.
- Develop tools to identify and mitigate security vulnerabilities.
- Write reports on assessment-based findings and proposals for security enhancement.
Minimum Qualifications
- Detailed technical knowledge of cloud infrastructure and tools such as; AWS, Terraform, Kubernetes and Ansible.
- Experience in security systems, including firewalls, intrusion detection systems and vulnerability scanning tools.
- Adequate knowledge of web related technologies (Web applications, Web Services, Service Oriented Architectures, Micro-services, Containerization of services) and of network/web related protocols. This includes very basics of web like using REST protocol, using JSON data format.
- Interest in all aspects of security research and development
- Masters/Bachelors' degree in Computer Science or related field (in lieu of degree, 4 years of relevant work experience)
Preferred Qualifications
- 6-8+ years of security related experience
- Strong scripting experience (Python, PowerShell, Bash, Go, etc)
- Strong Cloud Security and Infrastructure background
- Familiarity with cloud architecture security tools and best practices
- Experience with microservices architecture and docker containers
- Familiarity with Penetration Testing, Vulnerability Management, and security audits