Cloud Security Engineer, DevSecOps Engineer

Job not on LinkedIn

🔥 0 minutes ago

🗽 New York – Remote

🗽 New York – Remote

💵 $140k - $170k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

⛑ DevOps & Site Reliability Engineer (SRE)

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Get Well

WebsiteLinkedInAll Job Openings

201 - 500 employees

Founded 2001

⚕️ Healthcare Insurance

☁️ SaaS

Healthcare Insurance • SaaS

Get Well is a digital whole health platform designed for enterprise healthcare solutions, focusing on enhancing patient engagement and experience across various touchpoints in the healthcare journey. The company offers a robust suite of tools, such as Get Well 360, which aims to activate, engage, and retain patients not only at points of care but also within their communities. Get Well's solutions are intended to improve the patient experience, support health equity, and transform care delivery for diverse groups including healthcare systems, government, and international providers. The platform provides interactive patient care, smart room experiences, and health plan solutions, all while ensuring high standards of security and interoperability. With a focus on holistic patient activation and care, Get Well is committed to empowering individuals and healthcare organizations to thrive.

📋 Description

• Review, improve, and help design secure architectures across AWS and Microsoft Azure environments. • Implement and maintain cloud security controls related to IAM, network segmentation, encryption, logging, key management, backups, secure configuration, and access control. • Identify and remediate cloud misconfigurations, excessive permissions, insecure storage, public exposure, weak logging, and missing security controls. • Partner with engineering and infrastructure teams to integrate security checks and DevSecOps practices into CI/CD workflows. • Operate and improve vulnerability management processes, including scanning, validation, prioritization, remediation tracking, reporting, and exception review. • Use security monitoring and telemetry platforms to support alert triage, endpoint visibility, log review, investigation, and detection improvement. • Support compliance monitoring, evidence collection, control mapping, and audit readiness activities using Vanta and Compyl. • Map technical controls to compliance requirements, internal policies, customer security expectations, and audit evidence needs. • Participate in threat modeling and security reviews for new applications, infrastructure changes, cloud deployments, and third-party integrations. • Support incident response activities, including alert investigation, log analysis, evidence gathering, containment recommendations, and post-incident improvements. • Improve identity and access management practices, including least privilege, MFA, conditional access, service principals, role reviews, privileged access controls, and access certification support. • Create and maintain security documentation, cloud security standards, control narratives, runbooks, remediation procedures, and architecture diagrams. • Support implementation and maintenance of security benchmarks and frameworks such as CIS, NIST, SOC 2, ISO 27001, HIPAA, FedRAMP Moderate, and HITRUST. • Translate security and compliance requirements into practical technical tasks for engineering, IT, and infrastructure teams.

🎯 Requirements

• 3–5 years of experience in cybersecurity, cloud security, DevOps, infrastructure, systems administration, security operations, compliance operations, or a related technical role. • Hands-on experience with AWS and/or Microsoft Azure, with the ability to work across both platforms. • Working knowledge of cloud security concepts, including IAM, network controls, encryption, logging, monitoring, workload security, and shared responsibility models. • Experience with common AWS security services such as IAM, CloudTrail, CloudWatch, GuardDuty, Security Hub, KMS, Config, S3 security, or VPC controls. • Experience with common Azure security services such as Microsoft Entra ID, Azure Policy, Defender for Cloud, Key Vault, Network Security Groups, Log Analytics, Sentinel, or related services. • Experience with vulnerability management tools such as Rapid7 InsightVM, Nexpose, InsightCloudSec, InsightIDR, or similar platforms. • Experience with SIEM, endpoint monitoring, log analysis, or security telemetry tools such as Wazuh, Rapid7 InsightIDR, Microsoft Sentinel, or similar platforms. • Familiarity with compliance automation, GRC, or audit readiness platforms such as Vanta, Compyl, or similar tools. • Ability to interpret vulnerability, cloud posture, endpoint, and compliance findings and prioritize remediation based on risk. • Working knowledge of secure configuration, patch management, asset inventory, evidence collection, vulnerability remediation, and exception management workflows. • Basic to intermediate scripting or automation experience using Python, PowerShell, Bash, Terraform, or similar tools. • Strong communication and documentation skills, including the ability to explain technical risks, write clear procedures, and recommend practical remediation options.

🏖️ Benefits

• Exceptionally generous paid time away from work • A variety of paid leave programs • Savings opportunities with 401(k) and incentive plans • Internal education programs • Full array of health benefits • Fitness reimbursement • Cell phone subsidy • Casual offices with snacks and drinks • Peer recognition programs • Health advocacy and employee assistance programs • Pet insurance