- Job Type: Full-Time
- Function: IT
- Industry: Enterprise
- Post Date: 09/15/2023
- Website: cleardata.com
- Company Address: 835 W 6th St, Austin, Texas 78703, US
About ClearDATA
Healthcare leaders across the globe trust ClearDATA to protect their sensitive data and securely accelerate their digital transformation in the cloud. With proprietary, healthcare-specific SaaS and services, ClearDATA operationalizes cloud, privacy and security – demonstrating compliance, remediating risk and securing health data in the cloud.
ClearDATA is seeking a talented Information Security Engineer to join our rapidly growing organization. The Information Security Engineer will be responsible for supporting the day-to-day security operations of a hybrid environment built across the AWS, Azure, and Google clouds. This includes supporting and maintaining a range of information security products that monitor and provide security intelligence across all ClearDATA internal infrastructure. The Information Security Engineer will partner with our IT Team, Compliance Team, and Product Team to coordinate and facilitate compliance with ClearDATA security policies and procedures. They will work jointly with the IT Team and other Security Team members to identify and implement automation within the security toolchain. They will participate in projects with regard to security scope and fill an active role in all audit activities. This role works closely with the Compliance Team as part of the CIRT team during security incidents.
What You’ll Do:
- Develop, maintain, and implement security tooling with a focus on enhancing and integrating commercial security software with internal systems and automation.
- Conduct and manage vulnerability scanning across AWS, Azure, and Google cloud. Work closely with IT, Product Engineering, and other teams to remediate findings.
- Be a relentless champion of automation and eliminating manual work with tools like Terraform, CloudFormation, etc.
- Continuously maintain and enhance runtime protection policies and SIEM parsing rules.
- Respond to operational security alerts, analyze logs and XDR findings via the SIEM to identify signs of potential security incidents or anomalies for further investigation and remediation.
- Participate in incident response with security team members and other departments as a member of the CIRT to investigate and remediate security events as required.
- Identify root causes, prioritize threats and recommend and/or implement corrective action for security-related issues, injecting automation where feasible.
- Help develop and enforce the integration of an access management strategy centered around single sign-on into AWS, Azure, and Google cloud as well as any other platform utilized by the organization. Utilize your expertise in IAM to solve complex problems and develop effective least-privilege access methods for ClearDATA employees.
- Advocate and enforce policies, procedures, and associated plans for system security administration and user system access.
- Oversee and participate in security assessments and audits, collaborate with other departments to develop and execute remediation plans.
- Prepare, review, and present technical reports and briefings.
- Help colleagues understand information security management.
- Participate as a project team member and conduct security reviews of proposed implementations of company systems and applications.
What You’ll Need:
- 3-5 years as a Security Engineer or DevOps Engineer with a strong focus on security.
- AWS Certified DevOps Engineer or Solutions Architect, or an equivalent certification in Azure or Google Cloud.
- Must possess an exceptionally strong grasp of at least one programming language (Python, Ruby, PowerShell, Golang, etc.) and one infrastructure-as-code framework (Terraform, CloudFormation, etc.)
- Proven ability to design, test, and implement automation and other technical solutions.
- Proven ability to self-manage long-term projects, meet timelines, business requirements, and budgets.
- Experience hardening and maintaining cloud environments.
- Experience with DevOps concepts and CI/CD technologies.
- Experience with Enterprise level Vulnerability Management/Pen-Test solutions
- Experience managing Enterprise level SIEM solutions.
- Experience with runtime protection and endpoint management solutions (TrendMicro CloudOne, SentinelOne, Automox, Rapid7 Insight Agent)
- Experience managing IDS/IPS implementation and tuning
- Experience with a variety of industry and regulatory frameworks such as SOC2 and HITRUST.
- Experience leading Incident Management activities
- Must possess excellent written and verbal communication skills
- Must possess strong customer service attitude and interpersonal skills
- Impeccable attention to detail and passion for processes and systems
- Must participate in 24/7/365 on-call rotation
Why You’ll Like Working Here:
- A dynamic company that rewards high-performers
- Be on the cutting edge of new technologies and services
- Collaborative team environment that values multiple perspectives and fresh thinking
- Flexible working hours
- Medical, Dental, Vision, HSA, Life, and 401K
- Unlimited Vacation!
- Salary Budget Range: $115,000-$125,000