Cloud Security Engineer - SecOps (AWS)

Remote - Seattle, Washington, United States

Applications have closed

Olive

Olive is purpose-built for healthcare, improving operational efficiency for provider and payer teams with intelligent automation.

View company page

Olive’s AI workforce is built to fix our broken healthcare system by addressing healthcare’s most burdensome issues -- delivering hospitals and health systems increased revenue, reduced costs, and increased capacity. People feel lost in the system today and healthcare employees are essentially working in the dark due to outdated technology that creates a lack of shared knowledge and siloed data. Olive is designed to drive connections, shining a new light on the broken healthcare processes that stand between providers and patient care. She uses AI to reveal life-changing insights that make healthcare more efficient, affordable and effective. Olive’s vision is to unleash a trillion dollars of hidden potential within healthcare by connecting its disconnected systems. Olive is improving healthcare operations today, so everyone can benefit from a healthier industry tomorrow.


Our SecOps team is looking to add a Cloud Security Engineer to help us continue to improve the security of our Cloud Infrastructure.


Responsibilities

  • Research and proactively seek out ways to improve the company’s cloud security posture and then work with the appropriate teams to help them implement these improvements.
  • Help develop and refine DevOps/SecOps processes for cloud deployments.
  • Develop and deploy Container Security Automation, Cloud Security Automation.
  • Perform security assessments, working closely with DevOps and Software Engineering teams on identifying security and privacy issues in AWS or Azure and finding solutions to provide required functionality securely.
  • Work closely with compliance, security and legal teams to maintain security requirements in the Cloud for regulatory bodies such as HITRUST, HIPAA, SOX, and ISO standards.
  • Work to implement and improve next-generation security controls like OPA/policy-as-code.
  • Monitor AWS, Azure or consolidated security dashboards (Guard Duty, Security Hub, SecurityCenter, LogRhythm, VPC Flow Logs, Sentinel, etc) and respond appropriately.
  • Create and manage security metric dashboards for use within the team and provide management reporting.
  • Embrace changing requirements and be willing to refocus priorities rapidly.
  • Be willing to constantly learn and apply what you’ve learned to keep up with rapidly-changing tools and technologies and to ask for help when you need it.
  • Work with a variety of technical and non-technical people across multiple teams.
  • Work independently with minimal supervision and self-motivation.

Requirements

  • 4+ years of Operations/Cloud experience.
  • 2+ years of Cloud-specific security experience.
  • Demonstrable production experience using AWS or Azure in a security capacity.
  • Experience with Linux and Windows operating systems systems (RHEL, Ubuntu, AmazonLinux, CentOS, ContainerLinux, etc.) to include recommended security and hardening procedures.
  • Understanding of source control (i.e. git) and CI/CD deployment pipelines to include recommended security and hardening procedures.
  • Strong understanding of core security concepts like Principle of Least Privilege and Role-Based Access Control including the ability to apply these to improve security..
  • Familiarity with containers and container-orchestration frameworks (like Kubernetes or EKS) including recommended security and hardening procedures.
  • Familiarity with RDBMS and No-SQL database systems including recommended security and hardening procedures.
  • Familiarity with security tools like SIEMs, CSP-specific security tools (SecurityHub or Security Center), Kali Linux, compliance tools, etc.
  • Understanding of web security to include certificates, HTTPS, security headers, web front-end hardening, OWASP Top 10, WAFs, etc.
  • Proficient in a scripting language (Bash, Python, Ruby, Perl, PowerShell, AWS/Azure CLI, etc.) and the ability to use such languages to extract audit and forensic data from logs and other data sources.
  • Experience tracing down anomalous network/application behavior through the use of logs and basic forensics.
  • Security certification: (i.e. CISSP, GIAC, CEH, Security+, Amazon Certified Security Speciality, Microsoft Certified: Azure Security Engineer)

At Olive, we're committed to growing and empowering an inclusive community within our company and industry. This is why we hire and cultivate diverse teams of the best and brightest from all backgrounds, experiences, and perspectives across our organization. Research shows that often times women and other minority groups only apply to open roles if they meet 100% of the listed criteria. Olive encourages everyone — including women, people of color, and those in the LGBTQIA+ community — to apply for our available positions, even if they don't necessarily check every box on the job description.

Disclaimer:

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned.

This job description does not constitute a contract of employment and Olive AI, Inc. may exercise its employment-at-will rights at any time.

Benefits

We take the health and happiness of our employees seriously and consistently evaluate new ways to provide an amazing place to work. From retirement planning, to a wellness program designed to actively incorporate mental and physical wellness into daily interactions amongst fellow Olivians, we make sure to take care of our own.

  • Health, Dental, and Vision insurance that starts on your first day at Olive with 100% of premiums covered for team members and 75% covered for dependents
  • Monthly Grid stipend to cover work related expenses
  • Unlimited PTO
  • Telemedicine
  • EAP/Mental health resources
  • Getaways by Marriott Bonvoy
  • Family-building and fertility support via Kindbody
  • 12 weeks of parental leave
  • 401(K) match
  • Wellness program
  • Stock Options

Tags: Automation AWS Azure Bash CEH CI/CD CISSP Cloud Compliance DevOps Forensics GIAC HIPAA HITRUST Kali Kubernetes Linux LogRhythm OWASP Perl PowerShell Privacy Python Ruby Scripting SecOps Security assessment SQL Ubuntu Windows

Perks/benefits: 401(k) matching Equity Fertility benefits Flex vacation Health care Parental leave Team events Unlimited paid time off Wellness

Regions: Remote/Anywhere North America
Country: United States
Job stats:  30  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.