The Senior Cloud Security Engineer position at Smile Digital Health focuses on managing risk and security requirements for Managed Services in the cloud and on the Smile Digital Health platform.
The role involves evaluating technology controls, supporting audits, conducting risk assessments, investigating incidents, enhancing security, and supporting compliance programs with relevant privacy and security frameworks.
Responsibilities include performing security scanning and testing, conducting vulnerability assessments, ensuring compliance with security requirements, identifying gaps in processes, and assisting with remediation of control deficiencies.
The engineer will research and test security tools, generate reports and documentation, educate process owners on technology control frameworks, and assist with vendor security assessments and customer audits.
The position requires facilitating third-party attestations and audits, maintaining compliance with privacy laws, providing guidance on privacy risks, and integrating security technologies with ITSM tools.
The engineer will also respond to incidents and comply with privacy, security, and confidentiality policies.
Requirements:
A minimum of 5 years of experience with Linux, networking, Docker, and security, along with at least 3 years of experience in Azure, AWS, or GCP in containerized computing environments is required.
Proven ability to utilize various assessment tools and navigate logs to establish the root cause of issues is essential.
Experience with security tools and frameworks such as SOAR/SIEM, Vulnerability Scanners, IDS/IPS, and Cloud Security Posture Management is necessary.
A working knowledge of IT and Security compliance frameworks, including HITRUST, GDPR, SOC 2, ISO 27001, HIPAA, and PHIPA is required.
Candidates must have experience dealing with security issues and policy, as well as supporting audit and compliance requirements from a technical standpoint.
The ability to analyze system data, including security and network event logs, is essential.
Experience in access control and identity management for both on-premise and cloud environments is required.
Candidates must be able to accommodate a flexible schedule for audits and security incidents and participate in a regular on-call rotation.
Experience working with confidential and sensitive information and interfacing with senior business leaders as a technical resource is necessary.
A post-secondary education in IT security, networking, or a similar field is preferred.
Candidates must comply with background check requirements, which may include criminal, exclusion screening, credit, and education checks.
Benefits:
The position offers a remote work environment and a flexible time away from work policy, including PTO, personal, and sick days.
Competitive salary and health/medical benefits are provided.
Employees can contribute to RRSP/TFSA/401K plans.
Life and disability insurance, as well as an employee assistance program, are included.
Opportunities for professional development through the FHIR Study Program and Skillsoft Learning are available.
Employees can participate in the Super HAPI Fun Club.
Smile Digital Health values respect, inclusion, and diversity, fostering a workplace that empowers individuals to bring their authentic selves to work.