Cloud Security Engineer I

Title: Cloud Security Engineer I  

Location: Midtown  

Org Unit: IT Security 

Work Days: Monday-Friday 

Exemption Status: Exempt

Salary Range: $101,600.00 - $113,500.00  

*As required under NYC Human Rights Law Int 1208-2018 - Salary range for this role when Hired for NYC Offices 

Position Summary

This position involves all technical aspects of security and requires participation in project-oriented work. Works closely with other domain engineers and architects to help drive the innovation, evolution, and design of Weill Cornell Medicine’s enterprise cloud computing platforms. This position provides the opportunity to participate in multiple areas of IT cloud infrastructure by using risk analysis, industry knowledge, security standards, and other tools to develop and implement security solutions for our environment without diminishing productivity.

Job Responsibilities

• Assists architects and senior engineers to implement security and identity environments and ensure related controls run optimally and effectively.
• Identifies opportunities for efficiency improvements. Leads related efforts through automation and orchestration of repeatable tasks.
• Evangelizes security and secures practices while promoting and maintaining a favorable and positive work environment for yourself and others to assist in the overall mission of the medical college and hospital.
• Assists in event monitoring and incident response activities. Includes assisting in creation and execution of playbooks.
• Assists in developing and maintaining metrics and reports to provide senior management insight and evidence supporting effectiveness of security infrastructure, controls, projects, and processes.
• Responsible for innovative security work identifying, deploying, and integrating security, identity, and related technologies.
• Maintains an awareness of ever evolving cyber threats and continuously updates skillset as needed.
• Performs other related duties as assigned

Education

• Bachelor's Degree in related field

Experience

Minimum Requirements:

• IT-related bachelor’s degree or three years of experience with security-related technologies.
• Three years of hands-on experience implementing and managing security controls according to best practices.
• Experience with one or more common scripting and/or programming languages (e.g., Python, PowerShell, Bash, Java, etc.)
• Experience configuring and analyzing logs from a variety of different systems and applications particularly as it relates to event monitoring and incident response activities.
• Knowledge of common networking and service protocols (e.g., TCP/IP, HTTPS, SSH).

Highly Desired Requirements:

• A passion for building cloud environments while taking a practical and balanced approach to security and privacy highly desired
• Extensive experience with infrastructure as code principles and tools such as Terraform highly desired
• Experience with multiple cloud technologies (SaaS, PaaS, IaaS) and making recommendations on their use and security highly desired
• Relevant information security or certifications e.g., (ISC)² CCSP or CISSP, or SANS/GIAC GCLD, GPCS, GCPN, or GCSA highly desired
• Experience with Information Technology processes at a health care or academic institution and knowledge of related regulatory requirements (e.g., HIPAA, FERPA, PCI, etc.) highly desired
• Comfortable working with technologies at all layers of the OSI model highly desired

Knowledge, Skills and Abilities

• Ability to think outside the box in terms of designing systems and solutions.
• Ability to deliver under tight deadlines.
• Ability to create and present documentation, diagrams, reports for technical and non-technical audiences.
• Ability to work with minimal supervision in a very demanding and high-pressure environment.
• A strong team player that desires to educate and help people of various backgrounds and skill levels.
• Familiarity with SharePoint, Box, Confluence, ServiceNow or similar documentation storage and management systems.
• Experience solving problems and making important decisions with minimal supervision.
• Excellent written and verbal communication skills on both technical and non-technical topics.

Licenses and Certifications

Working Conditions/Physical Demands

• Works off-hours as needed.

Weill Cornell Medicine is a comprehensive academic medical center that is committed to excellence in patient care, scientific discovery, and the education of future physicians and scientists in New York City and around the world. Our doctors and scientists - faculty from Weill Cornell Medical College, Weill Cornell Graduate School of Medical Sciences, and the Weill Cornell Physician Organization - are engaged in world-class clinical care and cutting-edge research that connect patients to the latest treatment innovations and prevention strategies. Located in the heart of the Upper East Side's scientific corridor, Weill Cornell Medicine's powerful network of collaborators extends to its parent university Cornell University; to Qatar, where an international campus offers a U.S. medical degree; and to programs in Tanzania, Haiti, Brazil, Austria and Turkey. Our medical practices serve communities throughout New York City, and our faculty provide comprehensive care at NewYork-Presbyterian Hospital/Weill Cornell Medical Center, NewYork-Presbyterian/Lower Manhattan Hospital, NewYork-Presbyterian Hospital/Brooklyn Methodist Hospital, NewYork-Presbyterian Hospital/Westchester Behavioral Health Center, and NewYork-Presbyterian/Queens. At Weill Cornell Medicine, we work together to treat each individual, not just their conditions or illnesses, as we strive to deliver the finest possible care for our patients - the center of everything we do. Weill Cornell Medicine is an Equal Employment Opportunity Employer. Weill Cornell Medicine provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status, or genetic information.