Cloud Security Engineer
- Job Title
- Cloud Security Engineer
- Job ID
- 27625378
- Work From Home
- Yes
- Location
- Remote, 34667
- Other Location
- Description
-
About M2GEN / Who we are
M2GEN is an oncology-focused health informatics solutions company that leverages clinical and molecular data to accelerate the discovery, development, and delivery of personalized therapies. Founded in 2006 with a mission to enable a collaborative approach to fight cancer, M2GEN facilitates the Oncology Research Information Exchange Network (ORIEN), an alliance of leading cancer centers that participate in the HIPAA-compliant, IRB-approved protocol, patient-consented Total Cancer Care (TCC) to gather de-identified clinical and genomic patient data for research purposes. M2GEN currently has over 300,000 total consented patients across a network of 18 cancer centers throughout the U.S.
We are a fast growing company, merging data and science to accelerate the discovery and delivery of precision medicine. Our purpose is to connect patients to a cure so they can lead better lives. If you are passionate about making a difference and creating and delivering health informatics solutions to impact the future of cancer care and predicting and meeting patient’s needs, join the team!
Learn more at www.m2gen.com
Role / What you will be doing
M2GEN’s Cybersecurity team seeks a motivated Cloud Security Engineer with experience in designing, securing, and maintaining an enterprise cloud environment. This role is responsible for protecting the cloud deployment footprint by providing expertise and security services focused on Certificate Management, Cloud Security, Network, Endpoint security, Identity Access Management, Vulnerability Management, and Security Information & Event Management.
Responsibilities (this is not an all-inclusive list; duties may evolve over time as business needs change)- This position will have technical responsibilities across enterprise, helping enable the team through automation & investigation of complex security issues for remediation.
- Engage in security monitoring by responding to alerts across security capabilities such as access management, cloud security, and network security.
- Assess and support implementation of automation via scripting and tools to eliminate manual tasks.
- Proactively identify deficiency in the security services that the team is responsible for and propose a plan for improvements.
- Understand and abide to all Information Security policies and control standards.
- Provide support to enable automated CI/CD pipeline for ongoing development of in-house applications in a secure manner.
- Ability to develop, document and implement security solutions and monitoring
- Adept understanding of the Cloud Security best practices in Azure, or AWS
- Proven experience with Microsoft technologies including Azure B2B and Application Security in Azure.
- Strong technical leader in the analysis, coordination, and remediation of information security vulnerabilities.
- Understanding of Cyber Security Frameworks.
- Manages the development, and execution of controls and defenses to ensure the security and risk mitigation of M2GEN information systems.
- Prioritizes high risk threats, summarizes the recommended actions, and works across and with IT business partners to address and remediate.
- Develops and maintains documentation on Cybersecurity Operations, incident playbooks and runbooks, process workflows, incident handling and response capabilities.
- Conducts root cause analysis and optimize security incidents through lessons learned process.
- Proactively monitors, analyzes, and provides guidance on security vulnerabilities and incidents to support remediation activities.
- Researches and provides guidance on Zero-day vulnerabilities and emerging threats.
- Assist in optimizing M2GEN’s Cybersecurity Program by implementing Cybersecurity Standards and processes.
- Provide guidance on existing and emerging threats as they apply within the M2GEN environment.
- Provide subject matter expertise on M2GEN’s attack surface management tools and services, including vulnerability scanning, EDR, and other tools focused on identifying M2GEN’s assets and vulnerabilities.
- Configures tools to optimize the detection of M2GEN assets and associated vulnerabilities and configurations that could pose a risk.
- Assist with architecture models and capabilities to support secure solutions.
- Work side by side with vendor strategists, product development and architect teams to understand and integrate security practices where appropriate
- Bachelor's Degree in Computer Science, Information Technology, Information Security, Information Assurance, Information Management in related field or equivalent
- Certifications in Cloud Cybersecurity (e.g., CCSP, CCSK, Azure Security Engineer, etc.)
- Industry related certification (Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Security Professional (CISSP))
- 8+ years of experience working in a Security Engineering and\or Operations
- 2-3 years of experience securing Azure architecture
- 2-4 years of experience in IAM, AD, SAML, Multi-Factor Authentication
- 3+ year of experience with scripting using languages such as Python
- Azure Platform Security - Perimeter, Network, Endpoint, Host, Serverless, and Container
- Strong security experience in other domains such as IAM, Azure-AD, SIEM, Vulnerability Management or Network Security
- Strong understanding of network fundamentals, UNIX and Windows security administration
- Experience with Infrastructure as Code and CI/CD pipelines
- Self-motivated and directed, consistently demonstrating initiative and drive for results
- Excellent organizational skills
- Strong analytical orientation and capable of interpreting data
- Comfortable working independently as well as part of a matrixed team
- Persistent and resilient with a tenacious appetite for success
- Flexible, start-up mindset and high functioning in a fast-paced, constantly changing, deadline driven environment
- Ability to work under pressure with time sensitive deliverables, always exemplifying professional and courteous behavior
- Ability to navigate and communicate across the organization with different functional groups and varying personalities
- Passion for Cybersecurity and learning
- Patients First
- Be Bold
- Join the Conversation
- Create Knowledge
- Lead by Example
