MDaudit is committed to maximizing revenue for healthcare organizations and embracing diversity within its team. They are seeking a Senior Cloud Security Engineer responsible for designing, implementing, and monitoring security systems for their SaaS platform, ensuring compliance and mitigating security risks.
Responsibilities:
- Serve as a SME in MDaudit's infrastructure and ecosystem
- Be a continuous learner of the MDaudit application
- Assist the Infrastructure lead with managing disaster recovery and penetration test projects. Requires building new infrastructure and integration
- Assist with the day-to-day management of the Azure production and development VPC
- Work with external vendors to gain HITRUST certification in a SaaS environment
- Support Azure security processes, blueprints, and documentation
- Support Azure infrastructure, including patch management and cybersecurity, using 3rd party tools
- Maintain employee on-boarding/off-boarding, password resets, white-listing customer ingress, resource provisioning & tear-down
- Coordinate and complete projects working with 3rd party vendors on penetration testing and Azure infrastructure management
- Develop and document robust security policies, guidelines, and procedures pertaining to the protection of systems and data, including disaster recovery, and ensure compliance
- Participate in security committee meetings and proactively advise of any potential security threats or risks to the platform
- Report actual or suspected breaches & vulnerabilities in the confidentiality, integrity, or availability of systems and data to the security committee or to the Manager of Data Security Engineering
- Answer security questionnaires from customers in assistance to the sales team and drive security-related discussions and documentation around the MDaudit Enterprise platform
- Support proof-of-concept initiatives to evaluate new technologies
- Provide periodic feedback on network performance for architecture group members
- Monitor and report on the progress of development projects
- Keep abreast of current trends in cloud security architectures and development environments
- Look for possible new revenue streams, applying existing and future system architectures to observed healthcare trends and problems
- Adhere to security policies, guidelines, and procedures pertaining to the protection of systems and data
- Review a list of users/accounts on a quarterly basis. Notify IT of users/accounts to be removed
- Identify data retention requirements
- Ensure data is retained only for the duration of its useful life and per compliance and contractual requirements
Requirements:
- Excellent verbal and written skills
- Project management and Agile skills
- Deep Knowledge of security frameworks and regulations relevant to healthcare and SaaS (HIPAA, NIST, HITRUST)
- 3-5 years of infrastructure, security, and architecture experience with cloud services, Azure preferred
- 5+ years of experience in information security, with a focus on threat detection, incident response, and security operations
- Experience with SIEM platforms, vulnerability management tools, and endpoint security solutions
- 3-5 years of demonstrated ability to design, create, and drive the implementation of systems to solve complex business problems
- Hands-on configuration and scripting for Azure cloud environments. Azure certification is a plus
- 3-5 years' experience with design, implementation, and administration of database systems like SQL Server, Snowflake, etc
- Training in Azure solution architecture – Security Specialty/SysOps Admin/Associate
- Demonstrated ability to integrate business and operational processes with technical solutions
- Experience with reporting tools required. BI and AI reports experience a plus
- A solid understanding of health care information systems
- Detailed knowledge of data modeling
- Healthcare industry certifications related to data and application security – preferred
- Experience with healthcare data (EDI Claims, Payments, and Clinical data) preferred
- T-SQL, PowerShell, Linux/Bash, Azure CLI, C# or other programming experience - preferred