Principal Infrastructure Engineer(DevSecOps)

What you'll be doing:

Infrastructure Engineering plays a critical role in Iterative Health to,

• Empower its Technology teams to develop and operate their cloud native services,  ML models and data analytics in Cloud Infrastructure 
• Secure Cloud Infrastructure with zero-trust framework 
• Provide self-serviced CI/CD platform for terms to build and deploy services, ML models, and data analytics
• Support Infrastructure security compliance

Iterative Health is seeking a Principal Infrastructure  Engineer(DevSecOps) to develop Cloud Infrastructure Security strategies for data, applications and machine learning model development as well as to implement security measurements and monitoring and support security compliances. 

• design and implement security measures for IH platforms infrastructure and applications
• develop data security and protection controls 
• automate security posture and observability 
• configure and maintain security controls and tools 
• monitor security threats and incidents, and respond to them in a timely and effective manner
• collaborate with cross functional teams to ensure compliance with security policies and industry regulations
• advise engineering teams in application secure design and vulnerability with security best practices
• participate in incident response, forensic analysis and incident management to minimize impact and return to normal operations
• research and stay up-to-date on the latest security trends and technologies

Required skills:

• expert in working with cloud security practices 
• enterprise experience in Cloud technologies, AWS or GCP and IAM
• experience in Linux fundamentals and security 
• experience in TLS/ mTLS and DNS management
• experience in developing automation with shell scripts and Python
• experience in SSO, Oath2 authentication, OpenId
• experience and knowledge of Docker and Kubernetes security
• experience and knowledge of penetration testing tools 
• problem-solving and self-motivated learning attitude
• agility with cross-functional teams and collaboration with team members
• strong written/verbal technical communication and interpersonal skills
• public cloud IAM and SSO, such as AWS. GCP or Azure
• data security and protection
• cybersecurity controls in networking and zero-trust principles
• software application vulnerabilities and tooling
• SOC 2/HIPAA or HITRUST compliance

Preferred skills:

• Certifications in cloud security and/or information security, CCSP or CISSP
• B.S in computer science or engineering