Lead Cloud Security Engineer

Overview: Manages security for cloud-based platforms and plays an integral role in protecting VNS Health data and cloud-based systems. Assesses, designs, monitors, and analyzes cloud architectures, creates new and enhanced security methods, and manages relationships with third party managed services providers and consultants. Ensures cloud-based management and security is aligned with VNS Health's security goals. Works under limited supervision. Responsibilities:

• Serves as the lead cloud security technical resource within the Security team and for the infrastructure, database architecture, and business application management teams.
• Leads the design improvement and implementation of security controls within cloud-based and infrastructure-as-a-service and platform-as-a-service offerings, including security features native to the services and additional solutions implemented to compliment and monitor current service offerings.
• Participates in the identification, implementation and on-going support of new DevOps initiatives built on cloud services.
• Integrates and utilizes cloud monitoring tools and Security Operation Center/Managed Security Service Provider solutions.
• Oversees and monitors managed services providers regarding vulnerability management, identity and access management, and encryption key management within cloud environments.
• Works with other teams to implement DevSecOps processes to achieve security objectives such as process monitoring, risk analysis, incident management, vulnerability management and automation of security processes.
• Trains IT team members on security principles, processes, strategy, and tactics to achieve security objectives within cloud environments.
• Develops security solutions and communicates with internal and external parties.
• Participates in incident response, change management, service requests, and problem resolution.
• Supports other security efforts directly and indirectly related to cloud platforms and the business use of those platforms.
• Designs, develops, documents and champions the Reference Cloud Solution Security Architecture to complement the Cloud Enterprise Architecture and Enterprise Cloud Security Architecture for existing and new systems.
• Integrates security into the Continuous Integration/Continuous Delivery (CI/CD) system development lifecycle (SDLC) for application development and deployment.
• Participates in special projects and performs other duties as assigned.

Qualifications:

Licenses and Certifications:
Certified Cloud Security Professional (CCSP), AWS Certified Security Specialty, AWS Certified Architect, Microsoft Azure Security Engineer Certifications, CISSP, HCISPP, CSSLP, CISM, CEH, CCSK, or relevant GIAC certifications

Education:
Bachelor's Degree or equivalent work experience required

Work Experience:

• Minimum of seven years of experience in cloud security in a highly regulated industry required Healthcare experience preferred
• Proficiency in AWS and Microsoft cloud platforms required
• Proficiency with AWS components such as Organizations, IAM, Identity Center, KMS, Security Hub, Config, Macie, CloudWatch, EventBridge, GuardDuty, Inspector, CloudFormation, WAF & Shield, and CLI required
• Proficiency with Microsoft 365 Security Center, Entra, = Microsoft Defender, Azure Infrastructure-as-a-Service, and PowerShell required
• Experience with development and automation tools such as Visual Studio Code, Python, Ansible, and Git- based repositories such as GitHub or GitLab required
• Experience with Infrastructure as Code (IaC) tools such as Terraform for provisioning and managing cloud resources preferred
• Excellent communication skills to communicate within IT and to the rest of the business required
Demonstrated ability to evaluate IT security risk in a complex environment required

Pay Range: USD $137,800.00 - USD $183,800.00 /Yr.