[Remote] Senior Cloud Security Engineer
Note: The job is a remote job and is open to candidates in USA. Xsolis is an AI-driven technology company reducing administrative waste in healthcare by enabling smarter collaboration between providers and payers. As a Senior Cloud Security Engineer, you will lead the design and implementation of cloud security measures, ensuring compliance with healthcare regulations and safeguarding sensitive patient data.
Responsibilities
- Design and implement secure cloud architectures across AWS
- Lead the development of security guardrails, policies, and standards (IAM, network segmentation, encryption, etc.)
- Implement Zero Trust architecture principles across cloud-native systems and user endpoints
- Secure containerized and serverless workloads (ECS, Kubernetes, Docker, Lambda, etc.)
- Assess existing cloud implementations, identifying security issues and prioritizing them for remediation
- Define and enforce security controls for endpoints and resource access
- Implement improvements in identity lifecycle and PAM
- Partner with engineering teams to design and implement a secure VDI environment to support PHI access
- Define and enforce security controls for AI/ML and GenAI applications
- Partner with Data Science to mitigate risks such as model poisoning, prompt injection, data leakage, and adversarial attacks
- Secure Agentic AI systems, including autonomous workflows and decision-making agents
- Collaborate with data science teams to embed security into model development lifecycle (MLSecOps)
- Collaborate with GRC to ensure adherence to healthcare regulations (HIPAA, HITRUST, SOC 2, etc.)
- Conduct risk assessments and threat modeling for cloud and AI systems
- Support audits and compliance initiatives with appropriate controls and documentation
- Implement and tune cloud-native security monitoring and detection (SIEM, CSPM, CWPP)
- Develop automated response and remediation workflows
- Help manage incident response efforts for cloud security events
- Deep experience with SAST, DAST, SCA, and the use of AI coding tools
- Familiarity with programming languages (Python, Java, Node.js, C#)
- Integrate and optimize security in CI/CD pipelines and infrastructure-as-code (Terraform, CloudFormation)
- Automate security controls, scanning, and policy enforcement
- Partner with engineering teams to shift security left
- Mentor other engineers, security analysts, and promote security best practices across teams
- Partner with product, engineering, people operations, enterprise systems, and data science teams
- Stay ahead of emerging threats in cloud and AI security
- Collaborate with various teams (internal and external) to meet business objectives and support Xsolis values
Skills
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems or working experience required
- 5+ years of experience in cloud security or cybersecurity engineering
- Strong knowledge of cloud security principles (IAM, networking, encryption, logging, etc.)
- Hands-on experience using and securing AWS services
- Solid understanding of securing containerized environments (Kubernetes, Docker)
- Deep understanding of security in regulated environments (HIPAA, HITRUST, SOC 2)
- Broad experience implementing automation to gain efficiencies
- Experience implementing Zero Trust Architecture
- Proficiency in programming or scripting
- Experience identifying AI security risks and securing AI technologies
- Ability to work and indirectly lead a wide range of professionals and team members
- Master's degree in Cybersecurity, Computer Science, or Information Systems degree desirable
- Certifications such as CISSP, CCSP, AWS Security certifications are highly desired
Benefits
- Medical/Dental/Vision insurance
- 401K company match
- Flexible Paid Time Off
- Paid parental leave
- HSA/FSA options
- Educational reimbursement program
- Employer-paid EAP & Mental Health services
Company Overview