Take an active role in the configuration and maintenance of a diverse range of security tools, with a focus on cloud environments.
Implement Information Security across multiple teams and ensure systems are compliant with internal and regulatory security standards.
Assure cloud solutions and frameworks are built with consideration toward HITRUST, SOC2, and ISO27001 compliance requirements.
Perform security-related aspects of the design, implementation, and testing of disaster recovery and business continuity architectures.
Develop and streamline security alerting and management tools within an AWS Multi-account and corporate environment taking into account the confidentiality, integrity and availability security principles.
Implement automated solutions to filter out false positives and identify events that truly need human intervention by leveraging scripting, AWS services, and other tools.
Participate in the development of action plans to remedy findings from assessments, work with DevOps and Developers to remediate findings and when required provide solutions.
Design and document system architecture and associated designs by analyzing requirements; constructing workflow charts and diagrams; studying system capabilities; writing specifications.
You are a driven, creative thinker who is able to merge business and technical information
You have a Bachelor's degree in Information Security, Computer Science, or a related field
You have at least 7 years of experience within Information Security
You have experience with information security in the healthcare realm
You have experience with identity and access management and SSO solutions, including SAML 2, OAuth 2, OIDC.
You have experience comprehensively securing and monitoring Amazon Web Services multi-account environments with hands on experience with VPC, SGs, IAM, ELB, EC2, Lambda, S3, RDS, SNS, SQS, etc.
You ideally have experience with AWS Security Services Configuration, Policies Management Automation and Monitoring/Alerting using SecurityHub, GuardDuty, WAF, Shield, Macie, Inspector, IAM Analyzer, Detective, etc.
AWS Security Engineering, Architecting or Security Specialty certification a plus
You have experience with operational, monitoring tools and frameworks on AWS such as Splunk Enterprise Security (ES), Privilege Escalation, AWS System Manager, Cloudwatch, Cloudtrail, fluentd, HIDS, Qualys, NetSkope, etc.