Find The RightJob.

Senior Cloud Security Engineer

Position Summary Details

Xsolis is a SaaS healthcare technology company breaking down silos between healthcare payors and providers with its Dragonfly platform that leverages predictive analytics, Machine Learning (ML), and Generative AI. Security, privacy, and trust are foundational for everything we build.

As a Sr. Cloud Security Engineer, you will help lead the design, implementation, and continuous improvement of our cloud security posture. You will play a critical role in securing AI-driven healthcare platforms running in modern cloud environments (AWS), ensuring compliance with healthcare regulations, and protecting sensitive patient data. This role requires deep technical expertise in cloud security, strong experience with regulated environments, and a forward-thinking mindset around securing AI/ML, Generative IA, and emerging Agentic AI systems.

We believe that effective Sr. Cloud Security Engineer needs more than technical know-how. The role also requires several non-technical to be a success at Xsolis including the following skills: motivation, communication, organization, prioritization, problem-solving, and adaptability.

Essential Duties & Responsibilities

The essential functions include, but are not limited to the following:

Cloud Security Architecture & Engineering

Design and implement secure cloud architectures across AWS
Lead the development of security guardrails, policies, and standards (IAM, network segmentation, encryption, etc.)
Implement Zero Trust architecture principles across cloud-native systems and user endpoints
Secure containerized and serverless workloads (ECS, Kubernetes, Docker, Lambda, etc.)
Assess existing cloud implementations, identifying security issues and prioritizing them for remediation.

Workforce Security

Define and enforce security controls for endpoints and resource access
Implement improvements in identity lifecycle and PAM
Partner with engineering teams to design and implement a secure VDI environment to support PHI access

AI/ML & GenAI Security

Define and enforce security controls for AI/ML and GenAI applications
Partner with Data Science to mitigate risks such as model poisoning, prompt injection, data leakage, and adversarial attacks
Secure Agentic AI systems, including autonomous workflows and decision-making agents
Collaborate with data science teams to embed security into model development lifecycle (MLSecOps)

Compliance & Risk Management

Collaborate with GRC to ensure adherence to healthcare regulations (HIPAA, HITRUST, SOC 2, etc.)
Conduct risk assessments and threat modeling for cloud and AI systems
Support audits and compliance initiatives with appropriate controls and documentation

Detection & Response

Implement and tune cloud-native security monitoring and detection (SIEM, CSPM, CWPP)
Develop automated response and remediation workflows
Help manage incident response efforts for cloud security events

DevSecOps & Automation

Deep experience with SAST, DAST, SCA, and the use of AI coding tools
Familiarity with programming languages (Python, Java, Node.js, C#)
Integrate and optimize security in CI/CD pipelines and infrastructure-as-code (Terraform, CloudFormation)
Automate security controls, scanning, and policy enforcement
Partner with engineering teams to shift security left

Leadership & Collaboration

Mentor other engineers, security analysts, and promote security best practices across teams
Partner with product, engineering, people operations, enterprise systems, and data science teams
Stay ahead of emerging threats in cloud and AI security
Collaborate with various teams (internal and external) to meet business objectives and support Xsolis values

Minimum Qualifications (Knowledge, Skills, and Abilities)

Education:

- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems or working experience required
- Master’s degree in Cybersecurity, Computer Science, or Information Systems degree desirable
- Certifications such as CISSP, CCSP, AWS Security certifications are highly desired.

Experience:

- 5+ years of experience in cloud security or cybersecurity engineering
- Strong knowledge of cloud security principles (IAM, networking, encryption, logging, etc.)
- Hands-on experience using and securing AWS services
- Solid understanding of securing containerized environments (Kubernetes, Docker)
- Deep understanding of security in regulated environments (HIPAA, HITRUST, SOC 2)
- Broad experience implementing automation to gain efficiencies
- Experience implementing Zero Trust Architecture
- Proficiency in programming or scripting
- Experience identifying AI security risks and securing AI technologies
- Ability to work and indirectly lead a wide range of professionals and team members.

Supervisory Responsibilities
This role does not have any direct reports and is a single contributor role.

Working Environment and Travel Requirements

Work is typically in a normal office administrative environment involving minimal exposure to physical risks. Position requires little to moderate physical activity. Mostly sedentary work exerting up to 10 pounds of force occasionally or a negligible amount of force to lift, carry, push, pull, or otherwise move objects. Work involves sitting most of the time, but may involve walking or standing for brief periods of time. No significant stooping is usually required.

About Us

Xsolis is an AI-driven technology company with a human-centered approach, fostering collaboration between healthcare providers and payers through real-time transparency, objective data for increased accuracy and alignment of medical necessity decisions, and more efficient outcomes. Dragonfly®, its AI-driven proprietary platform, is the first and only solution to use real-time predictive analytics to continuously assign an objective medical necessity score and assess the anticipated level of care for every patient, enabling more efficiency across the healthcare system. Xsolis is headquartered in Franklin, Tennessee.

Our Values:

Team First
Client Passionate
Always Curious
Deliver Excellence

Xsolis has been ranked on the Inc. 5000 and Deloitte Technology Fast 500 lists in both 2022 and 2023 as a fastest-growing private company, and was named 2022 Best in Business among private companies by the Nashville Business Journal. Xsolis executives have been featured in Becker's Hospital Review, Becker's Payer Issues, Chief Healthcare Executive, CIO Review, Managed Healthcare Executive, Medical Economics, HIT Consultant, Healthcare IT Today, among other leading publications.

For more information, visit www.xsolis.com.

Where We’ll Go Together

Our company will become the new standard for utilization management. You’ll be a core part of realizing that goal and a valued contributor to the culture and climate we wish to create. Our wins are your wins, and we’re dedicated to making you feel your work matters (it truly does).

If any of this speaks to you, let’s get in touch.

Candidates must successfully pass a background check and drug screen prior to beginning employment with XSOLIS.

XSOLIS is an equal opportunity employer that is committed to hiring based upon merit, skills, experience, and qualifications. We recognize the importance of an inclusive and diverse workforce that celebrates all individuals from all walks of life. We encourage everyone to apply regardless of gender identity, race, veteran status, age, sexual orientation, or any other protected class.

All employees of XSOLIS fall under the same security role, which includes access to sensitive information, including proprietary data and PHI.

All official communications from our recruitment team come from emails ending in @xsolis.com or @echo.newtonsoftware.com. Job offers are only extended after a formal interview process, and any offer will come through official channels. You can verify postings on our official careers page: https://www.xsolis.com/about/careers.

Similar jobs