Sr. IS Cloud Security Engineer
Cancer care is all we do
Hope in healing
Cancer Treatment Centers of America® (CTCA®) takes a unique and integrative approach to cancer care. Our patient-centered care model is founded on a commitment to personalized medicine, tailoring a combination of treatments to the needs of each individual patient. At the same time, we support patients' quality of life by offering therapies designed to help them manage the side effects of treatment, addressing their physical, spiritual and emotional needs, so they are better able to stay on their treatment regimens and get back to life. At the core of our whole-person approach is what we call the Mother Standard® of care, so named because it requires that we treat our patients, and one another, like we would want our loved ones to be treated. This innovative approach has earned our hospitals a Best Place to Work distinction and numerous accreditations. Each of us has a stake in the successful outcomes of every patient we treat.
Job Description: This position can be located in Goodyear, AZ or Schaumburg, IL.
The Sr. Security Engineer is responsible for maintaining and updating the CTCA security infrastructure and providing architectural guidance around security related issues. This includes applying patches and upgrades to infrastructure tools and reviewing application code or configuration for compliance with security standards. Where necessary, security standards will be developed and managed. It will also require monitoring the industry for change and growth.
The position will participate in policy development, project management, and will be able to act as back-up for the IS Security Director. Will also involve training other IS Security personnel.
* Maintains an awareness of emerging security alerts and issues. Acts upon these alerts and issues by deploying, managing, and maintaining all security systems with their corresponding software.
* Reviews application code and system configurations for compliance with established security standards and sets those standards if they are absent.
* Manages, monitors and architects security controls in cloud-based environments.
Skills, Education and Additional Information
* 2 years of hands-on experience securing cloud applications and infrastructure (AWS strongly preferred);
* Prior experience with secure application development (3-5 Years is preferred)
* Acting as a subject matter expert on cloud cyber risk for the Microsoft O365-EMS/AWS platforms.
* Excellent understanding/working knowledge of the public cloud infrastructure and services in Azure and AWS is a strong plus;
* Understanding of software development lifecycle models, as well as the approaches to implement the AWS Well-Architected Framework;
* Understanding of the shared responsibility model in AWS;
* Fluency with one or more scripting/coding languages (e.g. bash, Python, powershell);
* Experience implementing and leveraging the logging and monitoring solutions is a plus;
* Relevant security and AWS or Azure certifications are a plus but not required.
* Engineering cloud security guard rails in AWS or Azure
* Experience in a development and operations role, implementing security through code development and infrastructure code reviews, establishing security ecosystems utilizing APIs and event driven security response.
* Previous participation in bug-hunting, pen tests, vulnerability assessments
* Cloud access security broker (CASB) or similar experience securing SaaS offerings
* Conducting cloud security analysis of prospective clients' Microsoft Active Directory, Office 365 and EMS Cloud platforms and environments. This can include Microsoft's cloud solutions such as MCAS, PIM, InTune, SharePoint, One Drive, Teams, Skype, Exchange, AD, DLP, AIP and Exchange Online Protection
* Performing technical health checks for these Cloud platforms/environments prior to broader deployments.
* Supporting proof of concept and production deployments of these cloud technologies.
* Experience with clients transitions to the Microsoft O365/EMS cloud services such as tenant setup and service configuration, focused on cloud cyber risk mitigation
* Assisting clients with configuration and delivery of cloud security and compliance reports.
* Providing technical support for O365/EMS services and resolve service-related issues through research and troubleshooting and working with Microsoft.
* Implementation of industry leading practices around O365/EMS cyber risks and cloud security for clients.
* Designing and developing cloud-specific security policies, standards and procedures e.g., O365/EMS tenant management and configuration, identify management and access control, firewall management, auditing and monitoring, security incident and event management, data protection (DLP, encryption), user and administrator account management, SSO, conditional access controls and password/key management.
* Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps.
* Executing on O365/ EMS cloud security engagements during different phases of the lifecycle – assess, design, and implementation & post implementation reviews.
* Implementing industry leading practices around O365-EMS/AWS cyber risks and cloud security for clients
We win together
Each CTCA employee is a Stakeholder, driven to make a true difference and help win the fight against cancer. Each day is a challenge, but this unique experience comes with rewards that you may never have thought possible. To ensure each team member brings his or her best self, we offer exceptional support and immersive training to encourage your personal and professional growth. If you're ready to be part of something bigger and work with a passionate, dynamic group of care professionals, we invite you to join us.
Visit: Jobs.cancercenter.com to begin your journey.
Apply on company website