Our client is a leading Software as a Service (SaaS) company that specializes in the transformation of data in the US healthcare industry through cutting-edge Artificial Intelligence (AI) solutions. They are looking for a Cloud Security Lead to take ownership of their cloud security posture as they scale their healthcare SaaS platform. The ideal candidate is hands-on, has strong experience with ethical hacking and penetration testing, and is passionate about building secure, compliant, and highly available systems in the cloud.

In this role, you will work closely with engineering, DevOps, and compliance teams to ensure that patient data and healthcare workflows are protected in line with HIPAA, SOC 2, and other healthcare-specific regulations.

Responsibilities :

- Design, implement, and continuously improve the cloud security architecture for our SaaS platform hosted on AWS/Azure/GCP.

- Conduct ethical hacking, red teaming, and penetration tests to proactively identify vulnerabilities.

- Integrate Dev-Ops best practices into the software development lifecycle and infrastructure provisioning.

- Define and enforce IAM policies, encryption standards, VPC and firewall configurations, and secure network design.

- Drive incident response and disaster recovery planning for cloud environments.

- Collaborate with compliance teams to ensure ongoing HITRUST, HIPAA, SOC 2, and ISO 27001 readiness.

- Lead threat modelling sessions and educate teams on secure coding and deployment practices.

- Stay current on industry threats and tools and recommend improvements to our security stack.

Desired Profile :

- Bachelor's or masters degree in computer science, Information Security, or related field.

- 7-10 years of experience in cloud security, infrastructure security, or cybersecurity roles.

- Deep hands-on experience with AWS, Azure, or GCP security services.

- Strong background in ethical hacking, penetration testing, and red teaming.

- Proficiency in tools like Burp Suite, Metasploit, Nmap, Wireshark, Nessus, and Kali Linux.

- Experience with DevSecOps tools and concepts (e.g., Terraform, Ansible, CI/CD security integration).

- Strong understanding of container security (Docker, Kubernetes).

- Experience securing multi-tenant SaaS platforms, especially in healthcare or regulated environments.

- Knowledge of compliance frameworks like HIPAA, SOC 2, and ISO 27001.

- Excellent communication skills and a collaborative mindset

Any 2 Must have Certifications :

- OSCP, CEH, AWS Security Specialty, CISSP, or relevant security certifications