Cloud Security Engineer
Imagine a workplace that encourages you to interpret, innovate and inspire. Our employees do just that by helping healthcare payers manage the cost of care, improve competitiveness and inspire positive change. You can be part of an established company with a 40-year legacy that helps our customers thrive by interpreting our client's needs and tailoring innovative healthcare cost management solutions.
Our commitment to diversity, inclusion and belonging are part of the fabric of our company. We strive to create a workplace that fosters mutual respect and collaboration, where every talented individual can participate and perform their best work. We are MultiPlan and we are where bright people come to shine!
Please note: our offices are currently closed due to the pandemic and our employees are working from home. Once our offices reopen, this position will transition to working in either our NYC, Rockville, MD, Bedford, MA, Naperville, IL or Irving, TX.
This role is responsible for securing the organization’s cloud services. The role collaborates with internal and external stakeholders to understand the cloud services and ensure they are configured and align with existing information security policies, roadmaps and architecture.
Your specific job duties will include:
1. Investigate and analyze existing cloud structures and create new and enhanced security methods that will enhance the security of cloud-based environments.
2. Design, implement and maintain cloud security infrastructure and cloud security technologies to protect sensitive data including PHI.
3. Improve and develop new designs and security strategies across all types of cloud-based applications (including infrastructure, platform, and software as a service)
4. Integrate cloud security technologies with existing tools sets such as but not limited to MultiPlan’s existing SIEM, EDR, DLP and IAM solutions.
5. Coordinate with enterprise architects and engineering teams to ensure existing and new cloud services align to stated policies, audit requirements and industry best practices.
6. Lead the development and maintenance of the organization’s security policies and standards for use in cloud environments.
7. Serve as a cloud-security subject matter expert to support cloud-risk analysis programs by performing, analyzing, and documenting cloud-security surveys and risk-assessments.
8. Ensure that all cloud tool sets and their integrations are properly maintained to meet stated policies, audit requirements and industry best practices.
9. Stay abreast of emerging security threats, vulnerabilities and controls
10. Identify and maintain KPIs and other metrics that show the effectiveness of the program.
11. Provide Security Incident Response support and participate in the development of business cases and presentations on cloud security technologies.
12. Direct and influence multi-disciplinary teams in implementing and operating Cyber Security controls
13. Ensure compliance with but not limited to HIPAA, HITRUST, NIST, SOX, SOC 1 and 2 type 2.
14. Demonstrate Company’s Core Competencies and values held within.
15. Please note due to the potential exposure to sensitive data – this role is considered a High Risk and Privileged Role.
16. The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
You will work under minimal supervision and exercise discretion when making decisions related to job responsibilities. You will rely on varied knowledge gained through previous experience with non-standard issues to review, analyze, and draw conclusions. You will have authority to act on resolutions of extraordinary issues and provide input to how information is presented to the client and communicate results to Supervisor on a weekly basis. Contact with others requires tact, persuasiveness, minimum deviation from standard routings or the making of incidental adjustments to facilitate delivery of services or work output. The impact on day-to-day operations focuses on operating decisions at the major project or functional level. Work will be subject to occasional review by Supervisor. You will field questions from a variety of sources both within and outside the Company.