Position Summary
The Cloud Security Engineer is responsible for testing, installing, configuring, and maintaining security solutions/tools as well as monitoring infrastructure (networks and systems) for unusual activity, security breaches, and/or intrusions. This individual will collaborate closely with client teams on the implementation, maintenance, and administration of security tools. Additionally, Cloud Security Engineers communicate findings, incidents, and concerns to relevant team members and leadership in a timely manner and work with teams to address and remediate those findings and concerns. The Cloud Security Engineer would also need to be strong with using AI to secure the network further. This is a hybrid role, Mon-Thurs in office and Friday's work from home. 

Responsibilities:
 

• Standardizing Azure Security best practices, processes, and procedures
• Extensive Knowledge of utilizing and implementing Microsoft Purview and all its features. DLP, Auditing, etc.
• Collaborating with team members to develop and document security standards and policies that align with industry’s best practices.
• Finding gaps with the current cloud security posture and assisting with finding new security products, installation, configuration, and operation of new security products and procedures.
• Deploying, troubleshooting, maintaining, and administering security solutions (such as Endpoint Protection (CrowdStrike), SIEMs (CrowdStrike), Vulnerability Management solutions (Rapid7), email security gateways (Mimecast), and event logging solutions
• Conducting vulnerability scans of environments and remediation of vulnerabilities
• Undertaking system and infrastructure hardening efforts per standardized benchmarks (E.g.: NIST standards, Cybersecurity Framework (CSF), HIPAA, SOC2, HITRUST, etc.).
• Monitoring infrastructure for security breaches. Security incident response and forensic investigation
• Monitoring for irregular system behavior.
• Ensuring that MedReview has detailed, timely, and accurate information regarding security concerns, security findings, and incidents.
• Investigations into how incidents and/or breaches occur as a member of the incident response team.
• Participation in security tabletop exercises.
• Helping maintain MedReview’s information security strategy.
• Recommending modifications with regards to legal, Compliance, technical, and regulatory areas.     

Qualifications:
 

• Very strong hands on 5-10 years' experience in Cloud Information Security and Engineering.
• Strong foundational knowledge across Microsoft Azure Cloud technology stacks
• Strong IAM experience
• Strong Purview Environment Experience
• Strong O365 experience
• A strong background in both data / information security and system engineering.
• Possession of both deep and wide expertise in the cloud security space.
• Experience deploying, troubleshooting, integrating with, managing, and maintaining cloud security solutions (Email security gateways, network security tools, SIEMs, Antivirus/EPP technologies, etc.).
• Experience monitoring infrastructure and systems for security breaches or intrusions and working with SOC team to remediate.
• Experience with Third-Party cloud-based penetration testing
• Deep understanding of security practices of Windows server operating systems
• Experience in some specific vertical industry (Healthcare) is preferred.
• Excellent communication skills, both written and verbal.
• Documentation of security tools, deployment configuration, incident reports, etc.
• Communication with client teams on the above as well as a clear explanation of concerns, findings, and incidents.
• Availability to work nights and weekends during (un)planned outages and other special circumstances, with 24/7 accountability.
• Availability to enter on call rotation.
• Ability to lift 50 lbs.
• CISSP, CISM, CISA, CCSP, ITIL, IaaS, PaaS, SaaS, Azure Security Engineer Associate, Security + or other related certification preferred.
• Advanced understanding of infrastructure. Active Directory, Exchange, Windows desktop/server OS, VMware, storage systems, DNS, firewalls
• Advanced understanding of protocols. WMI, SNMP, TLS, SSL, SMB, Cypher Suites
• Advanced understanding of securing systems and platforms through device/policy hardening
• Understanding of SSL Certificates
• Ability to communicate technical information in a clear manner, both written and verbally, to end users
• Proficient knowledge of MS Outlook, Word, Excel, Visio, and PowerPoint
• Experience with HIPAA, HITRUST, HITECH, PCI, ISO 27001, ISO 27002, URAC regulations and awareness and/or experience with CMS, NIST and other healthcare related regulations preferred.

Benefits and perks include:
 

• Healthcare that fits your needs - We offer excellent medical, dental, and vision plan options that provide coverage to employees and dependents.
• 401(k) with Employer Match - Join the team and we will invest in your future
• Generous Paid Time Off - Accrued PTO starting day one, plus additional days off when you’re not feeling well, to observe holidays.
• Wellness - We care about your well-being. From Commuter Benefits to FSAs, we’ve got you covered.
• Learning & Development - Through continued education/mentorship on the job and our investment in LinkedIn Learning, we’re focused on your growth as a working professional.

Salary Rate: $150,000 – 155,000/Annually.

 

Powered by JazzHR

zFejajwTMl