DESCRIPTION

We are quickly scaling up the team to support Health Science researchers in our Secure Health Research Cloud. Our research cloud team support a wide array of technical needs for our customers. We work closely with our customers to build what they need to facilitate their research, while helping them to be secure, operationally and cost efficient, and scalable!

Understand and follow, whenever possible, the five pillars of the AWS Well Architected Framework. In particular, focus on adherence to the Security and Operational Excellence Pillars regarding securing workloads, IAM, Security incident detection and response, as well as infrastructure & data protection. Create documentation regarding account "owner" acceptable use and end-user/owner account security requirements and responsibilities as well as change process. Create documentation and process for security incident response. Participate in account onboarding and project discussions to ensure security concerns are addressed from the beginning.

Work with the DevOps engineer to understand and address regulatory requirement of applications and resources built in the environment. Create documentation and procedures for regularly auditing accounts for security concerns and breaches including, but not limited to, use of deprecated OS, CVE patching/remediation, IAM user access and permissions. When possible design and implement procedures to auto-remediate security issues that may arise from misconfigurations or "testing". Implement anti-virus and vulnerability scanning agents installation and configuration on ec2 instances and ensure ongoing compliance. Documentation and remediation of security concerns with existing infrastructure. Centralize AWS security controls and configurations and create playbooks for regularly auditing and responding to findings.

MINIMUM QUALIFICATIONS

• Nine (9) years of related experience, education/training, OR a Bachelor's degree in related area plus five (5) years of related experience/training.

• Experience and proven success providing a variety of IT services such as database administration, application programming, IT project management, systems administration, systems and process analysis, security, solution development and maintenance, business technical support or a combination of these and/or other IT functions. Must have experience in data integration and the specification of data services.

• Advanced knowledge of computer security tools, best practices and policies including demonstrated experience securing server-based software.

• Demonstrated skill at analyzing and preventing security incidents of high complexity.

• Strong security skills for protecting the operating system, software, data and hardware.

PREFERRED QUALIFICATIONS

• Experience working in secure environments, security control management, and remediation (standard frameworks like NIST, CIS, PCI, etc).
• Experience with the management of system patching, back up, and remediate of security findings.
• Experience with network and firewall controls to prevent attacks, vulnerabilities, and data egress.
• Customer support, requirements/technical/user documentation.
• Skilled with problem solving
• Experience in a healthcare environment.
• Associate or professional AWS level Certification(s), Systems administration and/or related certifications.
• Terraform or Cloudformation experience.

SPECIAL CONDITIONS

• Employment is subject to a criminal background check and pre-employment physical.