Hhaexchange27d ago

Principal Cloud Security Engineer

New York City Metropolitan AreaRemoteFull Timelead

SecurityCloud Security EngineerCybersecurity

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

HHAeXchange is the leading technology platform for home and community-based care. Founded in 2008,

Technical Tools

SecurityCloud Security EngineerCybersecurity

HHAeXchange is the leading technology platform for home and community-based care. Founded in 2008, HHAeXchange was born out of an idea to create a fully comprehensive end-to-end homecare solution to help people who are aging or have disabilities thrive in their homes and communities. Our employees are passionate about transforming the healthcare space by building the only homecare ecosystem that fully connects patients, personal care providers, managed care organizations, and states.

HHAeXchange is currently seeking a Principal Cloud Security Engineer to join our growing Cybersecurity team. In this role you will be responsible for leading and driving security posture validation, managing & implementing technical solutions, driving improvements, creating security standards & policies, maintenance of re-usable & secure solutions, and functioning as a subject matter expert on services provided to the organization. The Principal Cloud Security Engineer also builds and maintains strong relationships across HHAeXchange, technical teams, and customers and ensures that the overall security strategy is aligned with both HHAeXchange’s strategic objectives and Security & Compliance requirements. You will maintain a senior level of expertise in multiple technical domains (focused in Cloud & Incident Response), perform proof-of-concept engagements, adopt forward-looking & business-aligned technology platforms and expand areas of expertise as the business evolves.

To perform this job successfully, an individual must be able to perform each essential job duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Design and guide secure architectures across AWS, Azure, and GCP.

Define and enforce security baselines aligned with NIST 800-53, HITRUST, and CIS Benchmarks

Lead threat modeling, architecture reviews, and secure design guidance for cloud workloads

Build and maintain Infrastructure as Code using Terraform (preferred) and cloud-native tooling

Integrate automated security controls into CI/CD pipelines (SAST, DAST, IaC scanning, container scanning)

Implement policy-as-code guardrails using tools such as AWS SCPs and cloud-native governance services

Develop automated remediation and enforcement workflows to reduce manual security effort

Embed compliance controls directly into cloud infrastructure and pipelines to support ATO efforts

Partner with compliance teams and auditors on evidence collection and continuous monitoring

Implement centralized logging, monitoring, and incident response across cloud environments

Serve as the senior cloud security SME for engineers, architects, and stakeholders

Mentor engineers on secure cloud development and DevSecOps practices

Translate complex security concepts to both technical and non-technical audiences

Provide daily oversight of security operations, to include the security impact analysis of proposed system modifications and implementations.

Monitor information security tools, including SIEM, system monitors, access control, and other specific cloud security controls

Other duties as assigned by supervisor or HHAeXchange exchange leader.

Travel up to 10%, including overnight travel

Bachelor’s degree in Computer Science or a related technical field, or equivalent practical experience.

8 + years of experience in the support of security-focused tools and services.

Minimum of 3 years of experience in support of security for Cloud Architectures.

Technical experience or understanding of commonly used EDR (e.g., SentinelOne, Carbon Black, Trend Micro, Crowdstrike, Microsoft Defender), network firewall (Palo Alto, Fortinet, AWS Firewall, Azure Firewall, Google Cloud Firewall), email security (Mimecast, Proofpoint), and workforce (O365, G Suite) software, technologies and standards.

Experience with Azure Security Center, AWS Security Hub, or Google Cloud Security.

Experience with security monitoring solutions (e.g., AWS CloudTrail, Azure Log Analytics, Google Cloud Audit Logs, SIEM, Cloud Security, or Cloud-Scale Monitoring).

Experience with securing CI/CD pipelines (e.g., Jenkins, git, CircleCI, TeamCity, Checkov, Fugue, Sentinel).

Experience with scripting and programming languages such as Python, Bash, Jinja, YAML, etc.

Comfort working in Linux, Windows, and Cloud Provider CLI.

Willingness to explore and adopt AI tools responsibly to enhance productivity and innovation in your role