Key skills
Cloud security (AWS/Azure)Security automationSIEMIAMVulnerability managementHIPAA complianceDevSecOpsContainer securityAnalytical skillsPythonBashPowerShellAWSAzureGCPTerraformJenkinsAnsibleServerlessEKSCloudFormationLambdaAzure ADEntra IDBitbucketSaaSCI/CDSnykPenetration Testing
About this role
Reveleer is a company focused on safeguarding cloud-based healthcare SaaS platforms. The Senior Information Security Engineer will design, implement, and manage security solutions to protect customer data and ensure compliance with regulatory frameworks.
Responsibilities:
- Design and maintain secure architectures across AWS, Azure, and GCP environments
- Implement guardrails and controls using services such as AWS Security Hub, GuardDuty, Config, and IAM
- Conduct regular vulnerability scans, configuration reviews, and remediation tracking for infrastructure and workloads
- Develop and enforce network segmentation, encryption, and key management policies
- Collaborate with DevOps and Engineering to integrate security into CI/CD pipelines (Snyk, StackHawk, etc.)
- Perform threat modeling, code reviews, and secure design reviews for microservices and APIs
- Support penetration testing and application security validation efforts
- Help ensure PHI/PII is protected across all SaaS platforms
- Manage and enhance EDR/XDR solutions (e.g., Cortex, Defender for Endpoint)
- Implement and monitor identity security controls through Microsoft Entra ID (Azure AD), Conditional Access, and PIM
- Support Intune and MDM compliance policies for Windows, macOS, and mobile devices
- Monitor alerts, investigate incidents, and coordinate responses with the SOC
- Develop and improve incident response runbooks, playbooks, and forensic analysis procedures
- Support SIEM integrations and continuous improvement of detection use cases
- Support audits and evidence collection for HIPAA, HITRUST, SOC 2, and customer security assessments
- Maintain asset inventories, risk registers, and remediation tracking
- Collaborate with Compliance to ensure alignment between security controls and policies
- Contribute to security awareness and training initiatives
Requirements:
- Bachelor's degree in Computer Science, Information Security, or equivalent experience
- 5+ years of experience in security engineering or related technical security roles
- Strong knowledge of cloud-native security (AWS, Azure) and modern SaaS architectures
- Hands-on experience with SIEM, EDR/XDR, IAM, vulnerability management, and security automation
- Familiarity with HIPAA, HITRUST, and SOC 2 requirements
- Experience securing containerized and serverless workloads (e.g., EKS, Lambda)
- Certifications such as CISSP, CISM, CCSP, AWS Security Specialty, or GIAC (GSEC, GCIA, GCIH)
- Experience with Terraform, Ansible, or CloudFormation for infrastructure-as-code security
- Experience in DevSecOps pipelines and tools (e.g., Jenkins, Bitbucket)
- Strong scripting skills (Python, PowerShell, or Bash)