Cloud Security Engineer - SecOps (AWS)
Remote - Seattle, Washington, United States
Olive’s AI workforce is built to fix our broken healthcare system by addressing healthcare’s most burdensome issues -- delivering hospitals and health systems increased revenue, reduced costs, and increased capacity. People feel lost in the system today and healthcare employees are essentially working in the dark due to outdated technology that creates a lack of shared knowledge and siloed data. Olive is designed to drive connections, shining a new light on the broken healthcare processes that stand between providers and patient care. She uses AI to reveal life-changing insights that make healthcare more efficient, affordable and effective. Olive’s vision is to unleash a trillion dollars of hidden potential within healthcare by connecting its disconnected systems. Olive is improving healthcare operations today, so everyone can benefit from a healthier industry tomorrow.
Our SecOps team is looking to add a Cloud Security Engineer to help us continue to improve the security of our Cloud Infrastructure.
- Research and proactively seek out ways to improve the company’s cloud security posture and then work with the appropriate teams to help them implement these improvements.
- Help develop and refine DevOps/SecOps processes for cloud deployments.
- Develop and deploy Container Security Automation, Cloud Security Automation.
- Perform security assessments, working closely with DevOps and Software Engineering teams on identifying security and privacy issues in AWS or Azure and finding solutions to provide required functionality securely.
- Work closely with compliance, security and legal teams to maintain security requirements in the Cloud for regulatory bodies such as HITRUST, HIPAA, SOX, and ISO standards.
- Work to implement and improve next-generation security controls like OPA/policy-as-code.
- Monitor AWS, Azure or consolidated security dashboards (Guard Duty, Security Hub, SecurityCenter, LogRhythm, VPC Flow Logs, Sentinel, etc) and respond appropriately.
- Create and manage security metric dashboards for use within the team and provide management reporting.
- Embrace changing requirements and be willing to refocus priorities rapidly.
- Be willing to constantly learn and apply what you’ve learned to keep up with rapidly-changing tools and technologies and to ask for help when you need it.
- Work with a variety of technical and non-technical people across multiple teams.
- Work independently with minimal supervision and self-motivation.
- 4+ years of Operations/Cloud experience.
- 2+ years of Cloud-specific security experience.
- Demonstrable production experience using AWS or Azure in a security capacity.
- Experience with Linux and Windows operating systems systems (RHEL, Ubuntu, AmazonLinux, CentOS, ContainerLinux, etc.) to include recommended security and hardening procedures.
- Understanding of source control (i.e. git) and CI/CD deployment pipelines to include recommended security and hardening procedures.
- Strong understanding of core security concepts like Principle of Least Privilege and Role-Based Access Control including the ability to apply these to improve security..
- Familiarity with containers and container-orchestration frameworks (like Kubernetes or EKS) including recommended security and hardening procedures.
- Familiarity with RDBMS and No-SQL database systems including recommended security and hardening procedures.
- Familiarity with security tools like SIEMs, CSP-specific security tools (SecurityHub or Security Center), Kali Linux, compliance tools, etc.
- Understanding of web security to include certificates, HTTPS, security headers, web front-end hardening, OWASP Top 10, WAFs, etc.
- Proficient in a scripting language (Bash, Python, Ruby, Perl, PowerShell, AWS/Azure CLI, etc.) and the ability to use such languages to extract audit and forensic data from logs and other data sources.
- Experience tracing down anomalous network/application behavior through the use of logs and basic forensics.
- Security certification: (i.e. CISSP, GIAC, CEH, Security+, Amazon Certified Security Speciality, Microsoft Certified: Azure Security Engineer)
At Olive, we're committed to growing and empowering an inclusive community within our company and industry. This is why we hire and cultivate diverse teams of the best and brightest from all backgrounds, experiences, and perspectives across our organization. Research shows that often times women and other minority groups only apply to open roles if they meet 100% of the listed criteria. Olive encourages everyone — including women, people of color, and those in the LGBTQIA+ community — to apply for our available positions, even if they don't necessarily check every box on the job description.
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned.
This job description does not constitute a contract of employment and Olive AI, Inc. may exercise its employment-at-will rights at any time.
We take the health and happiness of our employees seriously and consistently evaluate new ways to provide an amazing place to work. From retirement planning, to a wellness program designed to actively incorporate mental and physical wellness into daily interactions amongst fellow Olivians, we make sure to take care of our own.
- Health, Dental, and Vision insurance that starts on your first day at Olive with 100% of premiums covered for team members and 75% covered for dependents
- Monthly Grid stipend to cover work related expenses
- Unlimited PTO
- EAP/Mental health resources
- Getaways by Marriott Bonvoy
- Family-building and fertility support via Kindbody
- 12 weeks of parental leave
- 401(K) match
- Wellness program
- Stock Options
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open SOC Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open IT Security Engineer Jobs
- Open Information Security Architect Jobs
- Open Principal Security Engineer Jobs
- Open Information Security Officer Jobs
- Open Staff Security Engineer Jobs
- Open Vulnerability Analyst Jobs
- Open Personnel Security Officer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Analyst Jobs
- Open DevOps Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Senior Incident Response Analyst Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Privacy Manager Jobs
- Open IAM Engineer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Cybersecurity Analyst Jobs
- Open Clearance-related jobs
- Open NIST-related jobs
- Open PCI-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Machine Learning-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Encryption-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open Cryptography-related jobs
- Open HIPAA-related jobs
- Open TCP/IP-related jobs
- Open DevSecOps-related jobs
- Open Unix-related jobs
- Open PowerShell-related jobs
- Open DNS-related jobs