Security Engineer

We are a mid‑sized company in a transformation phase: modernizing legacy systems, building new products, and automating workflows that used to require rooms full of people. If you want to build things that matter (not just maintain them), this is a good time to join.

The Security Engineer is a member of the Security and IT Operations team with a strong emphasis on cloud security, AWS architecture, and Infrastructure-as-Code (IaC). This role is responsible for protecting sensitive health information in a highly regulated environment and embedding security controls directly into cloud-native infrastructure using automation-first practices.

• →Design, implement, and maintain AWS-focused cloud security architecture aligned with HIPAA, NIST, and HITRUST.
• →Secure AWS environments using IAM, Organizations, CloudTrail, Config, GuardDuty, Security Hub, KMS, and network security controls.
• →Build, review, and maintain Infrastructure-as-Code using Terraform, ensuring security controls are versioned, auditable, and enforced by default.
• →Develop secure Terraform modules, guardrails, and policy-as-code to prevent misconfiguration and drift.
• →Partner with Development and CloudOps teams to implement DevSecOps practices, including CI/CD pipeline security and IaC scanning.
• →Establish and manage identity and access standards across AWS and Microsoft Entra.
• →Support SOC 2 Type II, HITRUST, HIPAA, and PCI audits with a focus on cloud control evidence.
• →Monitor cloud environments, triage security events, and respond to incidents in partnership with the MSP.
• →Maintain documentation related to cloud security architecture, IaC standards, and incident response.
• →Provide security mentorship and cloud security expertise across the organization.

• Bachelor’s degree in Computer Science, Engineering, or equivalent experience.
• 3+ years of hands-on security engineering experience with strong AWS focus.
• Hands-on experience with Terraform and Infrastructure-as-Code workflows.
• Experience securing AWS workloads including compute, storage, and networking.
• Experience with Microsoft Entra, Active Directory, and AWS IAM.
• Experience with HIPAA, NIST, SOC 2, and HITRUST security controls.
• Experience integrating security into CI/CD pipelines and DevSecOps workflows.
• Strong knowledge of Windows operating systems and networking concepts.

• Experience with Azure or GCP.
• Experience with cloud security posture management and IaC scanning tools.
• Knowledge of modern cloud attack vectors and mitigating controls.
• Experience with cryptography, key management, and authentication mechanisms.
• Security certifications such as CISSP, CISM, CSSLP, or AWS Security Specialty.
• Experience with application security and secure development practices