Cloud Security Engineer, DevSecOps Engineer

🕒 vor 1 Tag

🗽 New York – Remote

🗽 New York – Remote

💵 $140.000 - $170.000 / Jahr

⏰ Vollzeit

🟡 Mittelstufe

🟠 Senior

⛑ DevOps- und Site Reliability Engineer (SRE)

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Get Well

WebsiteLinkedInAlle Stellen

201 - 500 Mitarbeiter

Gegründet 2001

⚕️ Krankenversicherung

☁️ SaaS

Healthcare Insurance • SaaS

Get Well ist eine digitale Ganzheitsgesundheitsplattform, die für Unternehmen im Gesundheitswesen entwickelt wurde und sich darauf konzentriert, die Patientenbindung und -erfahrung an verschiedenen Berührungspunkten der Gesundheitsreise zu verbessern. Das Unternehmen bietet eine umfassende Suite von Tools an, wie zum Beispiel Get Well 360, die darauf abzielt, Patienten nicht nur an den Versorgungsstellen, sondern auch in ihren Gemeinden zu aktivieren, zu binden und zu halten. Die Lösungen von Get Well sollen die Patientenerfahrung verbessern, die Gesundheitsgerechtigkeit unterstützen und die Versorgung für verschiedene Gruppen, einschließlich Gesundheitssystemen, Regierungen und internationalen Anbietern, transformieren. Die Plattform bietet interaktive Patientenversorgung, smarte Raum-Erlebnisse und Gesundheitsplanlösungen, wobei stets hohe Standards in Bezug auf Sicherheit und Interoperabilität gewährleistet werden. Mit einem Fokus auf ganzheitliche Patientenaktivierung und -versorgung ist Get Well bestrebt, Einzelpersonen und Gesundheitsorganisationen zu befähigen, zu gedeihen.

Beschreibung

• Review, improve, and help design secure architectures across AWS and Microsoft Azure environments. • Implement and maintain cloud security controls related to IAM, network segmentation, encryption, logging, key management, backups, secure configuration, and access control. • Identify and remediate cloud misconfigurations, excessive permissions, insecure storage, public exposure, weak logging, and missing security controls. • Partner with engineering and infrastructure teams to integrate security checks and DevSecOps practices into CI/CD workflows. • Operate and improve vulnerability management processes, including scanning, validation, prioritization, remediation tracking, reporting, and exception review. • Use security monitoring and telemetry platforms to support alert triage, endpoint visibility, log review, investigation, and detection improvement. • Support compliance monitoring, evidence collection, control mapping, and audit readiness activities using Vanta and Compyl. • Map technical controls to compliance requirements, internal policies, customer security expectations, and audit evidence needs. • Participate in threat modeling and security reviews for new applications, infrastructure changes, cloud deployments, and third-party integrations. • Support incident response activities, including alert investigation, log analysis, evidence gathering, containment recommendations, and post-incident improvements. • Improve identity and access management practices, including least privilege, MFA, conditional access, service principals, role reviews, privileged access controls, and access certification support. • Create and maintain security documentation, cloud security standards, control narratives, runbooks, remediation procedures, and architecture diagrams. • Support implementation and maintenance of security benchmarks and frameworks such as CIS, NIST, SOC 2, ISO 27001, HIPAA, FedRAMP Moderate, and HITRUST. • Translate security and compliance requirements into practical technical tasks for engineering, IT, and infrastructure teams.

🎯 Anforderungen

• 3–5 years of experience in cybersecurity, cloud security, DevOps, infrastructure, systems administration, security operations, compliance operations, or a related technical role. • Hands-on experience with AWS and/or Microsoft Azure, with the ability to work across both platforms. • Working knowledge of cloud security concepts, including IAM, network controls, encryption, logging, monitoring, workload security, and shared responsibility models. • Experience with common AWS security services such as IAM, CloudTrail, CloudWatch, GuardDuty, Security Hub, KMS, Config, S3 security, or VPC controls. • Experience with common Azure security services such as Microsoft Entra ID, Azure Policy, Defender for Cloud, Key Vault, Network Security Groups, Log Analytics, Sentinel, or related services. • Experience with vulnerability management tools such as Rapid7 InsightVM, Nexpose, InsightCloudSec, InsightIDR, or similar platforms. • Experience with SIEM, endpoint monitoring, log analysis, or security telemetry tools such as Wazuh, Rapid7 InsightIDR, Microsoft Sentinel, or similar platforms. • Familiarity with compliance automation, GRC, or audit readiness platforms such as Vanta, Compyl, or similar tools. • Ability to interpret vulnerability, cloud posture, endpoint, and compliance findings and prioritize remediation based on risk. • Working knowledge of secure configuration, patch management, asset inventory, evidence collection, vulnerability remediation, and exception management workflows. • Basic to intermediate scripting or automation experience using Python, PowerShell, Bash, Terraform, or similar tools. • Strong communication and documentation skills, including the ability to explain technical risks, write clear procedures, and recommend practical remediation options.

🏖️ Vorteile

• Exceptionally generous paid time away from work • A variety of paid leave programs • Savings opportunities with 401(k) and incentive plans • Internal education programs • Full array of health benefits • Fitness reimbursement • Cell phone subsidy • Casual offices with snacks and drinks • Peer recognition programs • Health advocacy and employee assistance programs • Pet insurance