Sr. Information Security Engineer Remote Opportunity
Position Summary
The Senior Information Security Engineer plays a key role in safeguarding the company's cloud-based healthcare SaaS platforms, infrastructure, and customer data. This position is responsible for designing, implementing, and managing enterprise-grade security solutions that align with regulatory frameworks such as HIPAA, HITRUST, SOC 2, and NIST 800-53. The ideal candidate is a hands-on technologist with deep knowledge of cloud security (AWS/Azure), DevSecOps practices, endpoint protection, identity management, and security automation.
Key Responsibilities
Cloud and Infrastructure Security
· Design and maintain secure architectures across AWS, Azure, and GCP environments.
· Implement guardrails and controls using services such as AWS Security Hub, GuardDuty, Config, and IAM.
· Conduct regular vulnerability scans, configuration reviews, and remediation tracking for infrastructure and workloads.
· Develop and enforce network segmentation, encryption, and key management policies.
Application & SaaS Security
· Collaborate with DevOps and Engineering to integrate security into CI/CD pipelines (Snyk, StackHawk, etc.).
· Perform threat modeling, code reviews, and secure design reviews for microservices and APIs.
· Support penetration testing and application security validation efforts.
· Help ensure PHI/PII is protected across all SaaS platforms.
Endpoint & Identity Security
· Manage and enhance EDR/XDR solutions (e.g., Cortex, Defender for Endpoint).
· Implement and monitor identity security controls through Microsoft Entra ID (Azure AD), Conditional Access, and PIM.
· Support Intune and MDM compliance policies for Windows, macOS, and mobile devices.
Security Operations & Incident Response
· Monitor alerts, investigate incidents, and coordinate responses with the SOC.
· Develop and improve incident response runbooks, playbooks, and forensic analysis procedures.
· Support SIEM integrations and continuous improvement of detection use cases.
Governance, Risk & Compliance
· Support audits and evidence collection for HIPAA, HITRUST, SOC 2, and customer security assessments.
· Maintain asset inventories, risk registers, and remediation tracking.
· Collaborate with Compliance to ensure alignment between security controls and policies.
· Contribute to security awareness and training initiatives.
Qualifications
Required
· Bachelor's degree in Computer Science, Information Security, or equivalent experience.
· 5 years of experience in security engineering or related technical security roles.
· Strong knowledge of cloud-native security (AWS, Azure) and modern SaaS architectures.
· Hands-on experience with SIEM, EDR/XDR, IAM, vulnerability management, and security automation.
· Familiarity with HIPAA, HITRUST, and SOC 2 requirements.
· Experience securing containerized and serverless workloads (e.g., EKS, Lambda).
Preferred
· Certifications such as CISSP, CISM, CCSP, AWS Security Specialty, or GIAC (GSEC, GCIA, GCIH).
· Experience with Terraform, Ansible, or CloudFormation for infrastructure-as-code security.
· Experience in DevSecOps pipelines and tools (e.g., Jenkins, Bitbucket).
· Strong scripting skills (Python, PowerShell, or Bash).
Key Competencies
· Analytical and detail-oriented with strong problem-solving skills.
· Ability to balance business needs with risk mitigation.
· Excellent communication skills, able to translate complex technical topics for non-technical stakeholders.
· Collaborative team player with a proactive approach to continuous improvement.
Our compensation reflects the cost of labor across several US geographic markets. Pay is based on several factors, including market location, and may vary depending on job-related knowledge, skills, and experience.
Reveleer E-Verifies all new hires. Reveleer is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, disability status, or genetic information, in compliance with applicable federal, state, and local law.