Cloud Security DevOps

As a Cloud Security DevOps Engineer, you will use your subject matter expertise to support the organizational security risk program to continuously assess and minimize cybersecurity risk to all Alayacare entities and lines of business in the highly regulated healthcare services industry.   Reporting to the Director of Security Engineering, you will work in a team of professionals responsible for organizational security risk. You will possess extensive experience and certifications in cloud technologies and cybersecurity knowledge. You will use your subject matter expertise to perform threat risk assessments, due diligence, change review and cloud security guidance and advisory services to the team and other areas of
Engineering and business. You will work collaboratively with technology peers the organizations to
continuously improve our security posture despite existing and new threats. Most importantly you ENJOY what you do and constantly looking for ways to improve and be efficient using automation.   In this Role you will:  

• Drive the security of our AWS infrastructure with our SRE/DevOps teams with initiatives such as AWS security best practices with the Secure
  Environment Accelerator
• Securing containers and hardened images,   
• Lead the implantation security tooling, log collection, and automation for monitoring and forensic (SIEM, SOAR)
• Ensuring there is a strategy for patching and vulnerability management at the systems level and automate
• Review, Implement a BCP/DRP across all Platforms RBAC policies in a CI/CD environment and building tooling to help
  developers deploy secure software
• Security incident: Define and manage the Security Incident which should be aligned with the global incident management process
• Participate in security investigations and incident response
• Participate in tabletop and red team exercise
• Contribute to the development of KPIs and KRIs to measure and report on security risk and compliance via a combination of reports and
  analytics dashboards, with the team utilizing relevant analytics, GRC and Continuous Compliance Management solutions
• Assist with business case justifications and cost/benefit analyses for cybersecurity spending and initiatives

Qualifications:

• At least 8+ years of total experience in the field of cyber security.
• At least 4+ years of experience and hands-on expertise in cloud security management such as Infrastructure as Code, architecture design (application and infra), migration and operations for enterprise workloads. This includes working expertise with Amazon Web Services (AWS) or Google Cloud or Azure Cloud - at scale.
• Knowledge of Governance/ Compliance/Standards such as NIST, HIPAA, OWASP, GDPR ISO 27001.
• Knowledge and understanding across a wide range of technology domains and application frameworks and have ability to quickly grasp relationships of various disciplines
• Proven experience in DevSecOps and CI/CD implementation.
• Experience with security of architecture and design (design, security controls), distributed database, distributed computing and high frequency transactions is a big plus
• Strong experience with Microservices Architectures, Containers environment.
• Experience in AWS Cloud development (C#, .Net, Python, PHP, SQL and REST APIs) is a huge plus.
• Experience in Vulnerability Management concept and tools (Snyk, SonarCloud) and Breach Attack Simulation (BAS).
• Experience with cloud networking design and concepts including VPC, subnets, NAT, firewalls, WAF, etc.
• Experience delivering large scale, highly available security solutions
• Excellent communication skills with Strong business and technical vision
• Experience demonstrating strong leadership, self-motivation, and accountability
• Experience on leading complex projects cross-functionally
• Must have certifications AWS cert - Professional Sol Architect or AWS Security specialty. GCP cert: Professional Cloud Security Engineer. Azure Cert: AZ303/304
• Good to have certifications - CISSP, CCSP, OSCP

What we offer our employees: 

• Shares in AlayaCare, where we all benefit from our growth and success  
• SuperFlex workforce model: work where you feel most engaged and productive, whether that be at home or in one of our offices   
• Competitive compensation packages  
• Comprehensive group benefits program 
• Annual Wellness and Productivity Allowances  
• Annual volunteer hours, sponsored by AlayaCare 
• Fun and inclusive in-person and virtual company-wide events and activities  
• A highly engaging environment, fast-growing, global, and well-funded company 

If you are looking to take your career to the next level and to help caregivers deliver better health outcomes, we want to hear from you! If this role isn't for you but you know someone who could be the perfect fit, feel free to share this opportunity.