Medable

Cloud Security Operations Engineer (GCP/AWS) - Remote

Medable$120K — $150K *
US-AnywhereRemote in Alaska, US
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 4+ years of experience in cloud security, DevSecOps, or cloud engineering with a security focus.
  • Hands-on experience with GCP and AWS security controls like IAM and encryption.
  • Experience securing Kubernetes environments with RBAC and patch management.
  • Strong background in vulnerability management including triage and remediation.
  • Familiarity with secure AI integration and data governance.

Responsibilities

  • Collaborate with teams to optimize security for multi-cloud infrastructures.
  • Respond to and mitigate cloud security alerts and vulnerabilities.
  • Manage security consoles and configuration hygiene for cloud environments.
  • Implement secure baseline configurations and guardrails in partnership with DevOps.
  • Oversee vulnerability workflows across various cloud services and dependencies.
  • Enhance security for Kubernetes environments, focusing on hardening and controls.
  • Support secure AI implementations, ensuring data protection and compliance.

Benefits

  • Remote work flexibility from the start.
  • Comprehensive medical, dental, and vision insurance.
  • Annual performance-based bonuses and stock options.
  • Wellness program support for mental, physical, and financial health.
  • Volunteer time off to engage in community service.
Full Job Description
1. Responsibilities

  • Work cross-functionally with Information Security Operations and Infrastructure/DevOps teams, to administer and optimize security posture across multi-cloud (GCP/AWS) infrastructure, including native security services, IAM, logging, and threat detection.
  • Triage and respond to cloud security alerts and vulnerabilities; implement timely mitigations, configuration changes, and patches.
  • Own configuration and hygiene for cloud security consoles (examples: GCP Security Command Center, Cloud Logging, Cloud Armor, KMS, IAM, etc.).
  • Partner with DevOps to implement secure baseline configurations and guardrails (network segmentation, least privilege, encryption, key management, secrets handling, egress controls), in alignment with industry standard frameworks such as CIS, NIST 800-53, OWASP Top 10, etc.
  • Run day-to-day vulnerability workflows: detection, prioritization, remediation, and validation across cloud services, hosts, containers, and third-party dependencies.
  • Manage and harden security configurations for Kubernetes Engine environments, including:
    • Cluster and node security settings, RBAC, pod security controls, network policies, admission controls, and runtime security, Image vulnerability scanning, container supply-chain controls, patch cadence and version lifecycle management for clusters/nodes and supporting components.
  • Support secure implementations/integrations of AI within cloud infrastructure, including:
    • Data protection controls (PII/PHI handling, encryption, retention, audit logging).
    • Network controls (private connectivity where feasible, egress restrictions, proxying, allowlists).
    • Usage monitoring, abuse prevention, and security reviews for AI-driven features/workflows.
    • Contributing to internal AI security standards (prompt/data handling guidance, logging strategy, third-party risk considerations).
  • Work cross-functionally with IS Risk and Compliance team to produce evidence and reporting to support internal security requirements and external compliance obligations (e.g., SOC 2 / ISO-aligned controls, healthcare and privacy expectations).
  • Participate in security incident response for cloud-related events, including containment and recovery actions.
  • Other duties as assigned.

2. Experience

  • 4+ years of hands-on experience in cloud security, DevSecOps, cloud engineering with security focus, or security operations in cloud environments or a combination of education and experience.
  • Experience in healthcare technology and/or regulated environments (privacy, audit evidence, security control documentation).
  • Practical experience administering security controls in GCP and AWS (IAM, logging, encryption/KMS, network security, cloud security services).
  • Experience securing Kubernetes environments, including RBAC, cluster hardening, workload controls, and patch/version management.
  • Strong vulnerability management experience (triage, remediation coordination, patching workflows, validation).
  • Experience supporting secure integrations of LLM/AI services (e.g., ChatGPT/Grok) in production systems, including data governance and key management.

3. Skills

  • Ability to work cross-functionally between InfoSec and Infrastructure/DevOps, and translate security requirements into implementable controls.
  • Comfort working from tickets/alerts through to implemented changes in production cloud environments.
  • Comfortable writing code in any one programming language: Javascript/Python/Bash.
  • Familiarity with Infrastructure-as-Code and automation concepts (Terraform/CloudFormation, CI/CD pipelines, scripting).

4. Education, Certifications, Licenses

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science or a related field preferred.
  • Security certifications (one or more): GCP Professional Cloud Security Engineer, CISSP, CCSP, Security+.

5. Travel Requirements

As required.

At Medable, we believe that our team of Medaballers is our greatest asset. That is why we are committed to your personal and professional well-being. Our rewards are more than just benefits - they demonstrate our commitment to providing an inclusive, healthy and rewarding experience for all our team members.

Flexible Work
  • Remote from the start, we believe in a flexible employee experience


Compensation
  • Competitive base salaries
  • Annual performance-based bonus
  • Stock options for employees, aligning personal achievements to Medable's success


Health and Wellness
  • Comprehensive medical, dental, and vision insurance coverage
  • Carrot Fertility Program
  • Health Saving Accounts (HSA) and Flexible Spending Accounts (FSA)
  • Wellness program (Mental, Physical and Financial)


Recognition
  • Peer-to-peer recognition program, celebrating achievements and milestones


Community Involvement
  • Volunteer time off to support causes you care about

About Medable

Medable is a healthcare technology company that provides a platform for decentralized clinical trials. The platform enables patients to participate in clinical trials from their homes, reducing the need for in-person visits to clinics. Medable's platform also helps researchers to collect and analyze data from clinical trials more efficiently. The company's customers include pharmaceutical companies, contract research organizations, and academic institutions.
Learn more about Medable
Size
200 employees
Industry
Founded
2012

Similar Jobs

More Jobs at Medable

More Information Technology Jobs

Find similar Cloud Security Operations Engineer (GCP/AWS) - Remote jobs: