Senior Product Security Cloud Engineer
New
Source API remote eligibility restrictions: United States. The role can be remote-based or located onsite in Danvers, MA or Raritan, NJ., US East Coast hoursFull-TimeSenior
Salary94,000 - 151,800 USD per year
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years industry experience in CyberSecurity. 5+ years industry experience within MS Azure cloud
- Required Skills
- DockerAgileCybersecurityKubernetesSCRUMJiraConfluenceAzure DevOpsHIPAA
Requirements
- Bachelor’s degree or equivalent
- 5+ years industry experience in CyberSecurity.
- 5+ years industry experience within MS Azure cloud
- Experience working in a Cloud Scrum/Agile Azure DevOps environment.
- Familiarity with some or all of these tools: Snyk, Veracode, Wiz, JIRA, Confluence.
- Experience with Containerization technologies such as Docker and Kubernetes.
- Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).
- Experience with security risk management techniques.
- Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines.
- Committed to working with a sense of urgency and embracing new challenges.
- Strong communication and interpersonal skills.
- Experience working in an FDA-regulated environment.
- Experience working with medical devices connected to the MS Azure Cloud
- CISM or CISSP or CCSP certification
Responsibilities
- Partner with engineering teams (cloud, console) to drive successful adherence to the product security policies, processes, framework and program objectives.
- Create, update, and improve product security processes for the cloud infrastructure and application.
- Advise on cybersecurity matters and provide guidance to engineering and cross-functional teams.
- Advocate for proactive inclusion of cybersecurity controls and processes into all phases of the product life cycle, process improvements, strategic product road map planning.
- Deliver documentation for pre-market product development activities including security plans, threat models, security requirements, SBOM, and risk management documentation.
- Drive and monitor monthly post-market vulnerability management activities, with adherence to strict timelines.
- Perform threat modeling and cybersecurity risk assessment on Cloud infrastructure and applications.
- Collaborate with the development team to integrate security measures into the CI/CD pipeline and the DevSecOps processes.
- Continuous improvement and integration of Wiz and MS Defender Scores and monthly reports.
- Support compliance certification activities, such as SOC2, FedRAMP, ISO 27001, C5 in Germany, etc.
View Full Description & ApplyYou'll be redirected to the employer's site
