Staff Cloud Security Engineer

Is it possible for you to openly access your company’s financial data, or HR records? No, of course not. Did you know, however, that in hospitals across the country, any doctor, any nurse, or any person from any department with computer access can easily review your healthcare information? I know what you're thinking, and you're correct. Yes, that is a privacy violation; and there were more than 59 million of these breaches in 2022 alone. Crazy, right? This is the problem smart Staff Cloud Security Engineers can help solve.  

The Protenus Healthcare Compliance Analytics platform is powered by artificial intelligence (AI) that ingests robust, unique data feeds to provide visibility into potential patterns of suspicious behavior that may otherwise go unnoticed. Our AI and advanced analytics empower subject matter experts to mitigate and ultimately reduce organizational risk — whether it's an employee improperly accessing patient records, or a clinician diverting medications — in an efficient, accurate, and scalable manner. If the opportunity to thwart these bad actors doesn’t excite you, maybe the opportunity to serve on a team filled with other engineers who do different work than you, and together, you will collaborate and influence the end result of this cutting-edge technology, will do the trick.

As a member of the Security Team, which is responsible for the ongoing security of the Protenus Platform and Corporate assets, the Staff Cloud Security Engineer is critical to ensuring Protenus maintains and improves its Security Posture. The Staff Cloud Security Engineer works directly with Leadership, Engineering and IT team members to advise, review, and improve the safety and security of all Protenus technologies, in order to protect one of our most important assets: the trust that exists between our company and our customers.

Responsibilities

• Develop and improve upon the ongoing monitoring of the Protenus Platform.
• Respond to Security Incidents should they arise, including investigation and troubleshooting of security alarms, and authoring of response runbooks
• Create new security monitors for cloud and application-based vulnerabilities
• Work directly with the Infrastructure and Engineering teams on planning and development of future components to ensure security best-practices
• Respond to third-party security questionnaires regarding the technical specifics of the Protenus Platform
• Assist in the implementation, management and completion of internal and external security, privacy and compliance audits.
• Mentorship of Security Engineers, as well as Infrastructure and Software Engineers, on technical and security matters

Qualifications

• 7+ years working in public cloud services, with at least 4 years experience utilizing AWS
• 3+ years direct experience securing cloud infrastructure
• Direct experience with the Protenus Infrastructure Technical Stack
• Direct experience with performing cloud-posture assessments, benchmarks
• Strong understanding of cloud networking, such as VPCs, NACLs, Security Groups and routing with CIDR notation
• Ability to work with technical teams to design and implement solutions to security vulnerabilities. This is a team effort at Protenus, and needs participation by everyone.
• Ability to communicate with clarity and precision on complex technical matters to a wide variety of audiences

Nice to have

• Experience with Palo Alto VPNs and Global Protect
• Cybersecurity Degrees and Certifications
• Experience with automation of operational tasks
• Experience with enterprise and/or cloud-based logging platforms (Splunk, Datadog, SumoLogic)
• Experience with modern authentication protocols (SAML, OIDC, OAUTH, etc.)

Tech StackInfrastructure Stack

• Networking: VPCs & Subnets, CIDR-based NACLs and Routing, Security Groups
• Containers & Orchestration: Docker and Amazon ECS
• IaC: Terraform
• AWS Services: EC2, ASG, ECS, S3, SNS, SQS, EMR, ELB/ALB/NLB, AWS Certificate Manager

Security Stack

• Security Tools: Lacework, BurpSuite, Nessus, Datadog
• Future AWS Security Services: Inspector, Guard Tower, Security Hub, Detective
• Monitoring: Datadog, Opsgenie
• CI/CD: GitHub Actions, Jenkins
• Version Control: GitHub
• Others: Okta & Auth0, Mosyle, Palo Alto Global Protect

  Sponsorship: We are unable to offer visa/green card sponsorship at this time.

  Location: Anywhere within the United States. We are a virtual first organization.

  About Protenus

  Our HQ is located in the Fells Point area of Baltimore, MD. We love our office and hope you will too, but we won't require you to work from there. We made the decision to be a "virtual first" organization in early 2021. Even after COVID is a thing of the past, we will remain virtual first. If you live in the area and would like to come in, great! If you are in town to meet with your team, even better! We welcome you (and dogs) anytime. We operate with "big person rules" and let you make the decision about what works best for you, your life and your family. Results > Location