Sr. Cloud Security Engineer at Abacus Insights
Abacus Insights is a mission-driven, start-up technology company that is focused on improving health outcomes, lowering the cost of healthcare, and delivering a more seamless healthcare experience. At our core, we are passionate about advancing healthcare and improving people’s lives through technology.
With our deep expertise in cloud-enabled technologies and knowledge of the healthcare industry, we have built an innovative data integration and management platform that allows healthcare payers access to data that has been historically siloed and inaccessible. Through our platform, these health insurance payers can ingest and manage all the data they need to transform their business by supporting their analytical, operational, and financial needs.
Through this mission and passion to aid people and population health, we have built a highly successful SaaS business that is heavily funded (since our founding in 2017 we have over 18 million) by leading VC firms who have deep expertise in the healthcare and technology industries. At Abacus, we are solving problems of massive scale and complexity in an industry that is not only ripe for disruption but requires innovation. We see massive growth in our future and would love for you to be a part of it!
Apply if you are…
- Excited about Cyber Security and have expert knowledge of cybersecurity concepts, risk management, and threat modeling.
- Energized about working in a Start-up Organization building a cloud-native security program
- Desire to work with a talented team that is motivated to move the needle on some of the most pressing challenges in healthcare
- Experienced with security frameworks on cloud platforms (AWS, GCP, Azure), and protecting data in a variety of ways including anti-virus, firewalling, intrusion detection, and advanced analytics.
You should expect to….
- Build, monitor and proactively manage the security of our AWS environment.
- Evaluate, architect, implement, and support security-focused tools and services.
- Independently design, develop, deploy and maintain security management technologies in all phases of an agile service development and deployment life cycle.
- Designs, integrates, and tests a suite of tools for security management of multi-tenant private and public cloud application services.
- Recommends configuration changes to improve the performance, usability, and value of cyber analysis tools.
- Develop prototype resource definitions in AWS and Azure using infrastructure as code processes and tools.
- Advise and consult with service teams on risk assessment, threat modeling, and vulnerability remediation.
- Integrate knowledge of Cloud Security fundamentals, including cryptography and the shared responsibility model into our services.
- Leverage your strong teamwork and collaboration skills as you and your teammates engage with other engineering and operations teams spanning the entire technology stack – endpoints, networks, databases, and applications – to engineer and deploy cutting-edge defensive solutions to modern threats
- Evangelize security within Amazon and be an advocate for customer trust
- Evaluate and continuously improve controls and processes to increase security, eliminate vulnerabilities, improve system performance, reduce waste and lower cost
- Train other team members on cybersecurity concepts and lead periodic IT security controls testing such as network penetration tests, phishing simulations, social engineering simulations, and use the test results to suggest enhancements and remediations to business processes, employee training etc.
- Stay abreast of security threats and security technologies
Terrific if you have…
- BS in computer science, networking, information systems, computer engineering, or 6+ years’ equivalent experience
- 2-4 years’ experience (preferred) with security management of cloud-based services (SaaS) in a fast-paced Agile environment, preferably in AWS.
- 5-8 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, networking, systems administration
- Experience with AWS Security & Encryption components such IAM Policy, Cloud HSM, KMS, AWS Organizations, CloudTrail, SSO, GuardDuty, etc.).
- Engineers that are AWS-certified Solutions Architects (Associate level), or Security Specialists will receive maximum consideration.
- Experience architecting, deploying and managing a suite of security management tools, including tools for: WAF, SIEM, log management, DDOS protection, Pen-testing, vulnerability management, static/dynamic code analysis, and anti-malware.
- Hands-on experience with security management of virtual machines, containers, and applications.
- Strong knowledge of public key cryptography, web services SSO strategies, CVSS scoring
- Demonstrated knowledge of, and curiosity about emerging cyber trends, tools, and threats
- Demonstrated sense of ownership, urgency, drive, and delivery based on prior experience
- Familiarity with one or more major information security control or auditing frameworks (such as (SOC2, HITRUST, or NIST)