Remote Staff Cloud Security Engineer

Description:

• The Staff Cloud Security Engineer is a critical, hands-on technical role responsible for engineering, implementing, and automating robust security controls within cloud environments, primarily AWS with GCP considerations.
• This role is pivotal in maturing the cloud security posture, securing Included Health's product infrastructure, and preventing unauthorized PHI exfiltration.
• The engineer will help design and develop advanced security solutions through code (primarily Python and Go) and automation (Terraform) to address challenges in access control, development environment security, and infrastructure hardening.
• The position requires deep technical expertise in cloud security, strong software development skills for building security tools and automation, and a proactive approach to risk mitigation.
• The role involves collaborating with infrastructure software and engineering teams to drive a culture of security by design and implement solutions that reduce HIPAA incidents.
• This is a remote role reporting to the Chief Information Security Officer.

Requirements:

• A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required.
• Candidates must have 5+ years of experience in cloud security, with a strong emphasis on designing, developing (primarily in Python and Go), and implementing security solutions in AWS.
• Proven hands-on software development experience, particularly in Python and Go, for security automation, building security tools, and infrastructure management is essential.
• Demonstrable experience designing and implementing robust authorization and access control frameworks (e.g., RBAC, ABAC, policy-as-code) and Just-In-Time (JIT) access solutions is required.
• Experience with Infrastructure as Code (IaC) with deep proficiency in writing and maintaining Terraform modules for security is necessary.
• Candidates should have experience with containerization (Docker, Kubernetes/EKS), including hands-on experience hardening containerized environments.
• Experience with SDLC security, CI/CD pipeline security integration, and secure software development practices is expected.
• Familiarity with security logging, monitoring, alerting tools (e.g., SIEM, AWS CloudTrail, CloudWatch, GuardDuty), and scripting against their APIs (Python, Go) is required.
• Experience with cloud security frameworks (especially HIPAA), regulations, and standards is necessary.

Benefits:

• The position offers a remote-first culture, allowing for flexible work arrangements.
• A 401(k) savings plan through Fidelity is included in the benefits package.
• Comprehensive medical, vision, and dental coverage through multiple medical plan options, including disability insurance, is provided.
• Paid Time Off (PTO) and Discretionary Time Off (DTO) are part of the benefits.
• The role includes 12 weeks of 100% Paid Parental leave.
• Family Building & Compassionate Leave benefits include fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption, or pregnancies.
• Work-From-Home reimbursement is available to support team collaboration in home office work.