Cloud Security Analyst
Boston, Massachusetts, United States - Remote
Applications have closed
Panalgo
Panalgo's healthcare analytics platform allows you to focus on what matters most, turning data into insights.Panalgo’ s mission is to improve healthcare and access to therapies through innovative analytics. Our team has built a next-generation analytics platform, Instant Health Data (IHD), to bring researchers together to generate insights into market access, improving population health, quality of care, and managing costs. You’ll work with an interdisciplinary staff from outcomes research, informatics, epidemiology, medicine, and software development backgrounds to further the company’s mission of improving healthcare through innovative data analytics.
We are seeking a skilled and experienced Cloud Security Analyst to join our team. As a Cloud Security Analyst, you will play a crucial role in ensuring the security and compliance of our cloud infrastructure. Your expertise in Linux and Windows system administration, along with proficiency in various security technologies, will be essential to safeguarding our organization's assets and data against potential security threats and vulnerabilities.
Responsibilities- Design, implement, and maintain robust security measures for our cloud infrastructure, with a focus on Linux and Windows systems within an AWS environment
- Conduct comprehensive security assessments, vulnerability scans, and penetration tests using Nessus and other industry-leading tools to identify and remediate potential risks
- Monitor and analyze system logs, security event data, and network traffic using advanced SIEM solutions like Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), or QRadar to proactively detect and respond to security incidents, intrusions, and anomalies
- Develop and enforce security policies, standards, and procedures for cloud-based systems, ensuring compliance with industry regulations and frameworks such as HITRUST CSF, PCI DSS, and NIST SP 800-53
- Collaborate closely with cross-functional teams to implement and configure security controls and technologies, including next-generation firewalls (e.g., Palo Alto Networks, Fortinet), intrusion detection/prevention systems (e.g., OSSEC, Snort, Suricata), and secure web gateways (e.g., Zscaler, Cisco Umbrella)
- Perform in-depth security reviews and risk assessments of third-party vendors and cloud service providers, evaluating their adherence to security standards and conducting comprehensive audits
- Stay up to date with emerging cloud security trends, vulnerabilities, and advanced persistent threats (APTs) to proactively mitigate potential security risks
- Provide expert guidance and support to internal teams on secure cloud architecture, configuration, and deployment practices, leveraging AWS services such as AWS WAF, AWS CloudHSM, and AWS Secrets Manager
- Contribute to incident response activities, including investigating security breaches, applying forensic techniques, and collaborating with stakeholders to develop containment, recovery, and prevention strategies
- Drive the development and implementation of security awareness and training programs to promote a culture of security awareness and ensure all employees understand their roles and responsibilities in maintaining a secure cloud environment
- Proficiency in Linux and Windows system administration, including installation, configuration, and troubleshooting in cloud environments
- Strong understanding and practical experience in AWS cloud security services, including EC2, S3, IAM, VPC, CloudTrail, AWS Config, and AWS Security Hub
- Experience with vulnerability assessment tools such as Nessus, and proficiency in conducting penetration testing and vulnerability management activities
- In-depth knowledge of SIEM solutions like Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), or QRadar for log analysis, correlation, and threat detection
- Familiarity with network security technologies such as next-generation firewalls (Palo Alto Networks, Fortinet), intrusion detection/prevention systems (Snort, Suricata), and secure web gateways (Zscaler, Cisco Umbrella)
- Understanding or exposure to security compliance frameworks and standards such as HITRUST CSF, PCI DSS, HIPAA, ISO 27001, and NIST SP 800-53 and how it maps to real-world tooling
- Experience with encryption technologies, SSL/TLS protocols, secure network communication, and cryptographic concepts
- Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash for security-related tasks
- Excellent problem-solving skills and the ability to work effectively in a dynamic, fast-paced environment
- Strong written and verbal communication skills, with the ability to articulate complex security concepts to technical and non-technical stakeholders
- Experience with other cloud platforms such as Microsoft Azure or Google Cloud Platform or private clouds
- Knowledge of containerization technologies and security best practices (Docker, Kubernetes) and related tools like Twistlock or Aqua Security
- Familiarity with DevOps principles and integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or Azure DevOps
- Certifications in relevant cloud security domains (e.g., AWS Certified Security Specialty, Certified Cloud Security Professional - CCSP)
Why be a Part of Panalgo
- Leading healthcare data analytics/ big data company.
- Work on a team of talented engineers and analysts.
- Work to smooth patient access to critical therapies.
- Strong corporate culture.
- Great mentorship and professional growth opportunities.
- Remote / Hybrid work opportunities
Benefits
The expected base salary for this position ranges from $150,000 to $250,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, licensure or certifications obtained. Market and organizational factors are also considered.
What we offer you:
- Medical and prescription drug benefits
- Health savings accounts or flexible spending accounts
- Dental plans and vision benefits
- Basic life and AD&D Benefits
- 401k retirement plan
- Short and Long Term Disability
- Education benefits
- Paid parental leave
- Unlimited paid time off
Panalgo provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
#LI-REMOTE
Tags: Analytics Audits Automation AWS Azure Bash Big Data CCSP CI/CD Cloud Compliance Data Analytics DevOps Docker EC2 Elasticsearch ELK Encryption Firewalls GCP GitLab HIPAA HITRUST IAM Incident response Intrusion detection ISO 27001 Kubernetes Linux Log analysis Nessus Network security NIST NIST 800-53 PCI DSS Pentesting PowerShell Python QRadar Risk assessment S3 Scripting Security assessment SIEM Snort Splunk Threat detection TLS Twistlock Vulnerabilities Vulnerability management Vulnerability scans Windows
Perks/benefits: 401(k) matching Career development Flex vacation Health care Medical leave Parental leave Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open IPS-related jobs