Senior Cloud Security Engineer

PointClickCare is the leading North American cloud-based healthcare software for the acute and long-term and post-acute care markets. For over 20 years, the company has held the same vision – to help the world care for vulnerable populations. Since its inception, PointClickCare has grown exponentially with over 1,700 employees today all working towards impacting the lives of millions. Recognized by Forbes as one of the Top 100 Private Cloud Companies and acknowledged by Waterstone Human Capital as Canada’s Most Admired Corporate Culture, PointClickCare leads the way in creating cloud-based software. With its recent acquisition of Collective Medical, PointClickCare solidifies its position as a high growth healthcare software provider, serving over 21,000 long-term and post-acute care providers and over 1,300 hospitals. Their shared mission to support vulnerable populations is allowing PointClickCare and Collective Medical to connect disparate points of care at scale faster than anyone else in the market.
For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
We are looking for a talented, experienced Senior Cloud Security Engineer who will play a fundamental role and be part of a team that designs, protects, and manages security services for PointClickCare’s cloud infrastructure, supporting both corporate cloud solutions and PointClickCare product offerings delivered via the cloud as Software as a Service (SaaS) platform. The successful candidate should think of infrastructure as code and actively identify, design, and develop and implement security configurations and compliance as code solutions.    The Senior Cloud Security Engineer will have a proven track record developing and implementing security tools, technologies, and process integrations for cloud-based architectures., and significant prior experience working closely with product and DevOps Engineers and/or SRE’s on security requirements. Experience with DevOps environments and Azure & AWS security controls is a strong plus. The position will be part of our larger Security & Trust Team and will have an opportunity to take on other challenges and responsibilities as needed.

Responsibilities

• Implement, develop, engineer and tune cloud security solutions including cloud native and third-party security solutions, such as data loss prevention (DLP), digital rights management (DRM), identity management, endpoint protection, SIEM and other security solutions.
• Participate in projects and work with the Project team to support ongoing activities and project deliverables.
• Stay abreast of emerging technologies, cloud security best practices, frameworks, and threats to proactively assess and evaluate secure solutions, to address threats, and potential vulnerabilities.
• Participate in developing security standards and best practices appropriate for PointClickCare and recommend security enhancements to Security team leadership.
·       Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations.
• Development and maintenance of KPIs, KRIs, and SLAs
• Act as an expert in cyber security incident resolution and analysis as needed.

Essential Qualifications

• Extensive experience as Cloud Engineer or Cloud Admin engineering, tuning, cloud security controls  
• Extensive experience with Cloud, virtualization, container, docker, Kubernetes (AWS, GCP or Azure)
• Experience working with Python, PowerShell, Ruby, Bash, RegEx, JSON, Query DSL, Kusto Query Language (KQL) or other automation, plus Terraform, Ansible
• Good understanding of Azure infrastructure components: server, storage, network, data, and applications (IAAS/PAAS/SAAS)
• Experience with of Automation frameworks, DevSecOps best practices, etc.
• Strong Unix/Linux experience with familiarity with Windows/Linux administration and hardening guidelines
• Bachelor's Degree in Computer/Software Engineering, orthe equivalent combination of training, education, and experience.
• Strong understanding of Threat Modeling including Threat Detection & Prevention
• Must demonstrate the ability to interact professionally with a diverse group of stakeholders including subject matter experts and strong analytical and problem-solving skills are required for this role.
• Ability to quickly learn and develop expertise in highly complex existing applications and architectures. Attitude to thrive in a high-production, customer-oriented environment.
• Ability to contribute to multiple projects / demands simultaneously. Strong team player. Strong documentation skills and keen attention to detail. 
• Excellent communication skills 

Preferred Qualifications

• Certification: Azure Security Engineer Associate  
• Strong knowledge of MITRE ATT&CK framework
• One or more of the following Security certifications: GIAC, CISSP, CISM, CISA, CEH.
• Knowledge of relevant security and privacy legislation as NIST, PHIPA, PIPEDA, HIPAA
• Significant experience with multiple technical tools including: DLP (Data Loss Prevention), Anti-Virus,  EDR (Endpoint Detection Response),  MDM (Mobile Device Management), IDS, cloud security access broker, Virtual Network security, DDOS protections, DNS, etc.
• Detailed proficiency with Linux (or similar) operating systems;
• In depth understanding of TCP/UDP/ICMP/IP protocols;
• Experience with PKI, SSL, SSH, HTTPS, etc;
• Understanding of software development domain and principles, including design patterns, code structure, programming languages, continuous integration (Git), continuous deployment (Jenkins), and deployment orchestration
• Detailed understanding of Virtual Network Technologies Routers, switches, Load Balancers, firewalls, proxy, etc. 

It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it.  If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com