Cloud Security Specialist

Emory Healthcare (EHC), part of Emory University, is the most comprehensive academic health system in Georgia committed to providing the best care for our patients, educating health professionals and leaders for the future, pursuing discovery research in all of its forms, including basic, clinical, and population-based research, and serving our community. As the clinical enterprise of the Robert W. Woodruff Health Sciences Center of Emory University, Emory Healthcare is dedicated to the unifying core purpose, core values, and strategic direction of the Robert W. Woodruff Health Sciences Center.

The Cloud Security Specialist directs and provides hardening guidance for cloud services from Cloud Service Providers such as Amazon, Azure and Google.

• Develops, implements, monitors and enhances data security policies, procedures, and standards related to AWS Azure, and GCP.
• Works with a team of Cloud Security Professionals where work is assigned via scaled agile methodology and distributed based on priority and skillset of team members.
• Perform in-depth risk assessments to ensure that the security safeguards and controls are aligned with our security policy and standards.
• Review infrastructure design on-premises and on the Cloud (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture).
• Assess the infrastructure and microservices design against different security regulatory, industry and internal standards which are based on NIST, HIPAA security guidelines and identify the necessary security architecture requirements.
• Execute on Cloud security engagements during different phases of the lifecycle, assess, design and implementation.
• Implementing industry-leading practices around cyber risks and cloud security. Research, create, develop and enforce security policies, standards and procedures to ensure the protection of the organizations security and systems as specified by the HIPAA/NIST control framework.
• Provide IT and business resources guidance in interpreting security compliance requirements and performing application and system security assessments.

Minimum Qualifications:

• 5+ years of relevant information security and information risk management experience.
• 3+ years of relevant experience in Public Cloud Security, including IaaS, PaaS and SaaS.

Skills/Abilities/Competencies:

• Familiarity of Infrastructure as a Service, Infrastructure as Code and related concepts on Azure or Amazon Web Services (AWS).
• Knowledge of cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication and risk management.
• Skilled experience in Cloud Security Architecture and Microservices Security (e.g. Tenant Security, AKS Security, Containers Security, Pod Security, Application Gateway & WAF, Security Groups and VNET Segmentations, Security Analytics, etc.).
• Knowledgeable in the dependencies related to end-point security and interaction with other components such as privilege management system, SIEM, SOAR, vulnerability management solution and operating model, PKI/Encryption technology, Firewall/IPS, WAF etc.
• Understanding the dependencies related to application security best practices such as secure coding, security testing techniques.
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
• Experience and exposure to threat modelling and design reviews to assess security implications and requirements for the introduction of new technologies.
• Skilled in representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
• In-depth understanding in applying native cloud security and monitoring services in the cloud, including network firewalls, access control lists, encryption, auditing and monitoring, alerting, secrets management and compliance scanning.
• Knowledge of configuration management technologies (i.e., SaltStack and Ansible), Infrastructure Automation Technologies (i.e., Terraform), Containerization and Cloud Orchestration Technologies (i.e., Kubernetes, Dockers), Windows/Linux and related services (i.e., Active Directory, DNS, MSSQL).
• Experience with DevOps Concepts and DevOps tooling such as Terraform, GitHub, Jenkins, SaltStack, XL Release, Bit Bucket.
• Skilled in full software or systems development life cycle, including requirements analysis, design, integration, testing and implementation.
• Knowledge of federal IT and cloud security policies, including FISMA, FedRAMP, NIST 80053, and DoD Cloud SRG and applying them to the design and implementation of cloud solutions to achieve an authorization to operate (ATO).
• Technology Risk Management & Compliance experience.
• Cloud Migration Experience Azure & Google.

Cloud Security Specialist Salary

36.75-66.53/hour

The salary of the position is based on specific criteria met within the qualifications of relevant experience, skills, performance and internal equity.