Senior Cloud Security Engineer

Washington Health Benefit Exchange

$100K — $151K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 7+ years of information security experience
  • Experience with cloud security on platforms like Azure, AWS, or GCP
  • Proven track record in implementing security controls in cloud and infrastructure environments
  • Proficiency in vulnerability management tools and methodologies
  • Strong understanding of secure SDLC, architecture design, and security operations
  • Experience with container security and security orchestration tools
  • Effective collaboration with cross-functional teams for security remediation.

Responsibilities

  • Serve as a subject matter expert in cloud security, particularly Azure and native architectures
  • Enforce security controls and configuration standards in accordance with compliance requirements
  • Conduct security design reviews to ensure adherence to policies
  • Collaborate with DevOps teams to embed security into CI/CD pipelines
  • Evaluate emerging security technologies and recommend improvements
  • Maintain security documentation and assess effectiveness of security controls
  • Monitor environments for threats and perform incident response when necessary.

Benefits

  • Comprehensive benefits package to support employee health and well-being
  • Flexible work options including a hybrid remote and in-office schedule
  • Opportunities for professional development and training
  • Collaborative work environment with cross-functional teams
  • Limited travel requirements for meetings and training sessions.
Full Job Description
SUMMARY

The Senior Cloud Security Engineer position supports the Cloud & Infrastructure Security Team in the implementation and ongoing maintenance of information security solutions across both on-premises and cloud environments. This position provides expertise in cloud & infrastructure security under the technical guidance of Cloud & Infrastructure Lead to ensure initiatives are aligned with WAHBE's security policies, and state and federal regulations.

The Senior Cloud Security Engineer will also assist with risk and vulnerability assessments, support the integration and operation of security tools, and contribute to the remediation of identified issues as directed. This role is instrumental in helping develop, document, and administer network security standards and collaborates with IT and delivery teams, architects, external vendors and other stakeholders to implement security best practices.

As a technical resource, the Senior Cloud Security Engineer provides input on security configurations and supports secure system design and deployments. This role also contributes to security operations activities, such as incident response, threat monitoring, and vulnerability management, ensuring alignment with the overall security strategy.

DUTIES AND RESPONSIBILITIES
• Serve as a subject matter expert in cloud and infrastructure security, providing guidance on Microsoft Azure and cloud-native architectures
• Enforce secure architectural requirements, security controls, and configuration standards for current and new cloud and on-premise infrastructure in accordance with WAHBE security policies and regulatory requirements (e.g., CMS, IRS)
• Perform cross-functional Cloud & Infrastructure security design reviews to ensure solutions align with established security policies
• Collaborate with Infrastructure and DevOps teams to embed security best practices throughout infrastructure-as-code, CI/CD pipelines, and the software development lifecycle, implementing automated controls, threat modeling, and monitoring
• Evaluate and recommend new and emerging security products and technologies
• Create and maintain security architecture documentation, including models, baselines, templates, and diagrams
• Assess the effectiveness of implemented security controls, identify any gaps, and provide progress updates
• Configure, schedule, and conduct vulnerability scans using enterprise tools to identify potential security weaknesses
• Analyze and prioritize vulnerabilities based on risk and potential impact to WAHBE
• Assess identified findings from scan reports and develop actionable recommendations and compensating controls to address and mitigate associated risks
• Collaborate with Infrastructure and Operations teams to develop and implement remediation plans
• Ensure robust and measurable Vulnerability Management practices within both cloud and on-premise environments
• Report on vulnerability trends and key areas for improvement
• Maintain and optimize security tools and technologies including but not limited to firewalls, endpoint protection, and SIEM
• Continuously monitor the cloud and on-premise environment for security events, anomalies, and potential threats, and conduct thorough investigations to identify root causes and impacts
• Perform technical incident response efforts, including investigation, containment, and recovery from security breaches, and preparation of incident reports
• Collaborate with internal stakeholders, vendors, and external partners to ensure secure integration and ongoing compliance, maintaining synchronization with the Security objectives
• Support Cloud and Infrastructure Security Lead to support audit activities by providing technical guidance and documentation, and act as a liaison for internal and external audit reviews as needed
• Assist Cloud & Infrastructure Security Lead in reviewing existing security capabilities and assist in defining roadmap for cloud and infrastructure security enhancements
• Support the development and implementation of information security awareness and training initiatives
• Stay current on industry trends, emerging threats, and relevant technologies, and communicate key insights to the Cloud & Infrastructure Security Lead
• Provide regular briefings to the Cloud and Infrastructure Security Lead and Information Security Manager (ISM), escalating issues and blockers as necessary
• Perform other duties as assigned within the scope of cloud and infrastructure security

QUALIFICATIONS

Required:
• Minimum of Seven (7) years of experience in information security
• Demonstrated experience in deploying and administering security controls within cloud and infrastructure environments
• Design and implementation experience of security tools, processes, and procedures
• Demonstrated experience in cloud security principles and best practices for platforms such as Microsoft Azure, Amazon Web Services or Google Cloud Platform
• Proficient in network security principles, firewalls, routers, switches, server administration and configuration baselines
• Experience with vulnerability management tools, such as Nessus, PrismaCloud
• Demonstrated knowledge of secure SDLC, secure architecture design and security operations
• Experience defining secure architectural requirements, security controls, and configuration standards in compliance with regulatory requirements
• Experience with container security and securing container orchestration platforms
• Experience with vulnerability management tools, such as Nessus, PrismaCloud and knowledge of common vulnerability assessment methodologies and techniques (e.g., CVSS scoring, threat modeling)
• Proven ability to prioritize identified vulnerabilities and work collaboratively with cross-functional teams to ensure remediation and risk mitigation
• Demonstrates an understanding of the functions and operations of Security Information and Event Management (SIEM) systems, Endpoint Detection & Response
• Expertise in threat detection, Incident Handling, and operational security

Desired:
• Bachelor's degree in engineering, security or technology related major, or closely allied field AND three to four years of related experience
• Experience with tools like Terraform and Ansible and familiarity with CI/CD pipelines for automated security testing and deployment
• Demonstrated experience in supporting IRS/CMS or relevant audits
• Demonstrates interpersonal and collaboration skills, effectively partnering with internal management, staff, and cross-functional teams as well as external partners and vendors
• Experience in developing, reviewing, and updating security standards, procedures, awareness and training
• Demonstrated understanding of emerging cybersecurity threats

APPLICATION INSTRUCTIONS

This position will be open until we find a suitable number of candidates to review. If interested, please submit an application as soon as possible. The Exchange reserves the right to close the recruitment at any time.

SALARY INFORMATION

Full Salary Range: $100,819.00 to $151,228.00 annually, with midpoint at $126,023.00.

Hiring Range: $ 115,941.00 and $126,023.000annually. This is an estimate of where a qualified candidate can expect to receive an offer.

The actual salary offer will consider candidate experience, skills, qualifications, internal equity, and the market. Our compensation policy reserves the salary range above the midpoint for employees who are meeting and exceeding expectations and for growth and development, up to the maximum.

BENEFITS

Take a peek at our benefits package.

WORKING CONDITIONS

Core business hours are 8:00 a.m. to 5:00 p.m., Monday through Friday. There are times where irregular hours will be required. The preferred duty station is our Olympia, Washington headquarters. The nature of this role relies heavily on remote and in-person collaboration. While a hybrid remote and on-site schedule may be considered, the position will require flexibility to allow for in-office availability as business needs dictate. Travel requirements will be limited, however there may be occasions where an employee is required to travel and work irregular hours to attend meetings or trainings. Duties of this position require the use of standard office furniture and equipment, including setup for remote work. The employee is responsible for providing and maintaining a safe, ergonomic, and secure workspace at their remote location.

The working conditions and physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

SPECIAL REQUIREMENTS

A criminal background screen will be conducted for candidates under final consideration, and if hired, every five years of employment where highly sensitive data is processed or maintained by the position. The result of this background screen must meet the Exchange s eligibility standards.

OTHER INFORMATION

The above statements are intended to describe the general nature and levels of work being performed. They are not intended to be construed as an exhaustive list of responsibilities, duties and skills of personnel so classified.

This is not an employment agreement or contract. Management has the exclusive right to alter this job description at any time without notice.

Similar Jobs

More Jobs at Washington Health Benefit Exchange

More Information Technology Jobs

Find similar Senior Cloud Security Engineer jobs: