Senior Cloud Security Engineer

Arcadia is dedicated to happier, healthier days for all. We transform diverse data into a unified fabric for health. Our platform delivers actionable insights for our customers to advance care and research, drive strategic growth, and achieve financial success. For more information, visit arcadia.io.

Why This Role Is Important to Arcadia

Arcadia’s Security Engineers spearhead our efforts to protect our clients’ data, guided by an industry-leading security program. Building and supporting security solutions aimed at fortifying Arcadia’s cloud SaaS infrastructure, the ideal candidate combines information security expertise with aligned technical capabilities to assess, design, and implement controls across a cloud-based infrastructure. Security Engineers support ongoing compliance efforts and certification/recertification of industry-best security frameworks including HIPAA, HITRUST, ISO 27001, NIST 800-53, 201 CMR 17, and SOC-2 while operating and implementing new technical controls to meet Arcadia’s evolving products and security challenges. 

What Success Looks Like

In 3 months

- Demonstrating a clear understanding of Arcadia’s policies and procedures for AWS cloud infrastructure

- Developing competency around day-to-day upkeep of MDR, AV, and firewall services

- Beginning planning and execution of longer-term project-based work around security tooling and monitoring

In 6 months

- Demonstrating holistic knowledge of Arcadia’s product suite and security components, logging, and able to identify gaps in security delivery

- Progressing on automating key security components into auto-build, quarterly maintenance, and other time-based security controls

- Deep understanding of interconnectivity between AWS microservices, EC2 based workloads, and customer networks

In 12 months 

- Expert in Arcadia technical security controls, regularly updating documentation and training new hires

- Providing technical input into planned and future project-based work

- Executing new security technology improvements through product demos, proof-of-concepts, and upgrades to existing solutions

What You'll Be Doing

• Design, implement, and maintain cloud security architectures in AWS, Azure, and Kubernetes environments, ensuring robust protection for critical systems and data.
• Develop and enforce cloud security best practices and standards to align with organizational security policies and regulatory requirements (e.g., HIPAA, HITRUST, ISO 27001, NIST 800-53, 201 CMR 17, and SOC-2).
• Conduct risk assessment and threat modeling to identify vulnerabilities in clous infrastructure and applications, proposing and executing remediation strategies.
• Lead cloud and Kubernetes security incident response efforts, investigating security incidents, coordinating with team for mitigation, and driving post-incident analysis and improvements.
• Collaborate with DevOps and engineering teams to intergrade security into the CI/CD pipelines and enable secure cloud-native application deployment.
• Implement and manage Kubernetes security tools, such as identity and access management (IAM), encryption solutions, and monitoring tools (e.g., SIEM & DLP).
• Manage and configure Palo Alto firewalls to ensure secure network perimeter, implementing advanced security policies, threat protection, and traffic monitoring.
• Monitor and troubleshoot Palo Alto firewall performance, conducting regular health checks and ensuring high availability.
• Design and implement Palo Alto firewall rulesets, including access control, VPN configurations, and NAT policies, to optimize security while maintaining business continuity.
• Monitor cloud and Kubernetes environments for potential threats through security event monitoring, log analysis, and vulnerability scanning, ensuring continuous protection against evolving attack vectors.
• Perform security audits of Kubernetes clusters and containerized applications, ensuring that cloud infrastructure meets internal security standards and compliance requitements.
• Develop and deliver cloud security training to employees and stakeholders to raise awareness on securing cloud-based applications and services.

What You'll Bring

• Deep expertise in cloud security, including AWS, IAM management, Kubernetes security, and infrastructure security architecture
• Experience with the design and implementation of Enterprise based security – IDS/IPS, SIEM, vulnerability management, etc.
• Expert at managing and securing Enterprise Windows, Linux, and MS SQL Server environments
• Comfortable with the primary AWS service stack, with experience securing server and Kubernetes-based workloads.
• Strong experience using encryption/decryption, federation; - TLS, PGP, SSH, TDE, AWS-KMS, SAML
• Proficiency configuring virtual/physical perimeter security devices
• Comfortable using code to automate processes and drive results – powershell, python, bash, java, t-sql
• Familiarity with healthcare information security certifications and regulations such as HIPAA, HITRUST, ISO 27001, NIST 800-53, 201 CMR 17, and SOC-2

Would Love For You To Have

• AWS Certified Solutions Architect, AWS Certified Security Specialist or similar certifications preferred, CCSP or CISSP  
• Palo Alto Networks certifications
• Microsoft Certified System Administrator/Engineer
• Experience managing Active Directory, Multifactor Auth, Single Sign-On in a multi-tier web-application infrastructure
• Azure or GCP experience is a nice add-on

What You'll Get

• You will have the opportunity to work with cutting edge cloud technology to ensure the security of mission critical healthcare data.
• You will design, implement, and maintain security solutions in a heavily regulated environments in the cloud
• You will work with a team of experts in building and maintaining a highly validated security and privacy program for the leader in Population Health and Healthcare data analytics including experience with certifications such as HIPAA, HITRUST, ISO 27001, NIST 800-53, 201 CMR 17, and SOC-2.
• Be a part of a dynamic team and organization that has built security and privacy into the fabric and culture of the organization.
• Be a part of a mission-driven company that is transforming the healthcare industry by changing the way patients receive care
• A flexible, remote-friendly company with personality and heart
• Employee driven programs and initiatives for personal and professional development
• Be a member of the Arcadian and Barkadian Community