Cloud Security Lead - HIPAA/SOC II

Job Summary :

Key Responsibilities: :

- Design, implement, and continuously improve the cloud security architecture for our SaaS platform hosted on

AWS/Azure/GCP.

- Integrate DevOps best practices into the software development lifecycle and infrastructure provisioning.

- Define and enforce IAM policies, encryption standards, VPC and firewall configurations, and secure network design.

- Drive incident response and disaster recovery planning for cloud environments.

- Collaborate with compliance teams to ensure ongoing HITRUST, HIPAA, SOC 2, and ISO 27001 readiness.

- Lead threat modelling sessions and educate teams on secure coding and deployment practices.

- Stay current on industry threats and tools and recommend improvements to our security stack.

Requirements :

- 6+ years of experience in cloud security, infrastructure security, or cybersecurity roles.

- Deep hands-on experience with AWS, Azure, or GCP security services.

- Strong background in ethical hacking, penetration testing, and red teaming.

- Proficiency in tools like Burp Suite, Metasploit, Nmap, Wireshark, Nessus, and Kali Linux.

- Experience with DevSecOps tools and concepts (e.g., Terraform, Ansible, CI/CD security integration).

- Strong understanding of container security (Docker, Kubernetes).

- Experience securing multi-tenant SaaS platforms, especially in healthcare or regulated environments.

- Knowledge of compliance frameworks like HIPAA, SOC 2, and ISO 27001.

- Excellent communication skills and a collaborative mindset.

Preferred Certifications :

- OSCP, CEH, AWS Security Specialty, CISSP, or relevant security certifications