Staff Cloud Security Engineer

At Kyruus Health, our mission is to connect people to the right care, in pursuit of our vision: a better healthcare system- one that's transparent and accessible- where everyone gets the care they need. Our values are at the heart of everything we do:
We care deeply – We do the right thing even if it’s the harder thing. We are fiercely driven – We harness our curiosity to pursue continuous improvement and create simple solutions to complex problems.We lead with respect – We celebrate the individual traits that make each of us unique and seek out diverse voices to listen and learn.We are accountable – We do what we promise for each other and our customers.
Here’s what that would mean for you in the Staff Cloud Security Engineer role. Care: You care about our patients, our customers, our employees and our company. You want to do everything you can to keep them and their data safe.Driven:  You want to build the best Information Security program possible.Respect:  You respect the other departments at Kyruus Health. Security should be an enabler of their success.Accountable:  You value our compliance certifications and look to improve with each assessment cycle. 

What you will do in a Staff Cloud Security Engineer role at Kyruus Health:

• Maintain and Operate Secure Cloud Infrastructure: Lead the ongoing maintenance and operation of secure cloud infrastructures, focusing on AWS and cloud-native technologies. Ensure environments are resilient, compliant, and secure through multi-layered protection strategies.
• Cloud Platform Management: Define requirements for securely managing and configuring cloud infrastructure, leveraging Infrastructure as Code (IaC) practices to automate and standardize the deployment and management of cloud resources. 
• Perimeter Protection: Measures to safeguard the perimeter of cloud environments, including network security controls such as firewalls, intrusion detection and prevention systems (IDS/IPS), and secure access controls.
• Cloud Native Application Protection: Secure applications built for cloud environments by automating security assessments, monitoring runtime environments, and integrating security practices into the development lifecycle. Focus on containers, serverless architectures, and virtual machines, adapting to emerging threats.
• Cloud Workload and Data Protection: Implement robust security controls for cloud workloads and data, including containers, virtual machines, and serverless architectures. Protect against threats while maintaining performance and scalability, using encryption, data loss prevention, and access controls.
• Secrets Management: Lead efforts to ensure keys are securely managed, store, and rotate secrets and sensitive data (e.g., API keys, passwords, certificates, encryption keys) across cloud environments. Implement best practices for secrets management using tools to ensure secure and efficient access control, data protection, and compliance.
• Identity and Access Management (IAM): Define requirements for managing user identities, authentication mechanisms, and access privileges within cloud environments to prevent unauthorized access and ensure least privilege access principles are followed.
• Security Incident Response: Contribute to incident response efforts, including detection, analysis, containment, and recovery. Work with internal and external stakeholders to minimize the impact of incidents and prevent future occurrences.
• Compliance & Auditing: Ensure that cloud infrastructure is compliant with relevant industry standards (e.g., SOC 2, HITRUST, HIPAA) and internal security policies.
• Collaboration: Act as a liaison between the security team and other departments, such as IT, legal, and executive management. Communicate complex security concepts and issues in a clear and actionable manner to non-technical stakeholders.
• Continuous Improvement: Identify opportunities for process improvements and enhancements in cloud security. Lead initiatives to upgrade or replace outdated systems and practices.
• Contribute to a Collaborative Security Strategy: Engage with various teams in defining and implementing the overall security strategy related to infrastructure, ensuring that security is an enabler for our business.
• Help Us Achieve our Certification Goals: Participate in our journey to HITRUST or FedRamp certification.
• You’ll report to the Senior Director, Information Security  in the Information Security Department within the Engineering & Technology Division.

How You Can Grow
• Kyruus Health will bring you through an onboarding process that is both structured and self-guided,  designed to enable connection and productivity as you learn more about our company, functions and products.  Additionally, we have a culture of feedback, inclusive of our performance review process that provides you with the coaching, resources and opportunities to help you learn and grow with us. 
• Kyruunauts in the  Staff Cloud Security Engineer role can move in a more linear career path to a Senior Staff Cloud Security Engineer position.  From there, you could move into a more senior individual contributor role or explore a management position within the security vertical.  
• Kyruus Health also loves to see an internal transfer. If a linear career path is not what you’re looking for, you can work with your manager and HR to explore lateral moves to other parts of the organization as you continue to grow with us. 

What you will bring:

• 8+ years of experience in cloud security or related roles, with at least 3 years focused on securing cloud environments (AWS, GCP).
• Industry certifications such as AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP), or similar are preferred.
• Hands-on experience securing cloud environments, including IAM, network security, data protection, and vulnerability management.
• Proficiency in cloud-native security tools (e.g., AWS GuardDuty, Google Cloud Security Command Center) and third-party security solutions (e.g., Tenable, Crowdstrike).
• Strong proficiency in scripting languages (e.g., Python, Bash, Terraform) and automation tools. 
• In-depth knowledge of networking protocols (TCP/IP, DNS, VPN, etc.) and encryption technologies (SSL/TLS, AES).
• Strong experience with incident response, including monitoring, detection, and triage of security events in cloud environments.
• Familiarity with industry regulations and frameworks (e.g., NIST, SOC 2, ISO 27001) and experience implementing security controls to meet compliance requirements.
• Exceptional analytical and problem-solving skills, with the ability to identify and address complex security risks and develop innovative, comprehensive mitigation strategies.
• Strong leadership and project management skills, with the ability to plan, execute, and monitor security projects and initiatives, effectively prioritizing based on risk and business impact.
• Excellent communication and collaboration skills, enabling effective interaction with both technical and non-technical stakeholders, including presenting findings to executive leadership and board members.
• Experience in mentoring, coaching, and developing less experienced team members, building a strong team culture and fostering collaboration across the organization.
• Ability to drive strategic security initiatives and influence decision-making at the organizational level, aligning security practices with business objectives.

Compensation Information:

• Base Pay Range: $143,000 - $174,000/year
• Other Compensation: In addition to your salary, this position is also eligible for our annual bonus program, equity, and benefits. Salary ranges are a guideline and pay is based on a variety of factors including; qualifications, competencies, skill-set, and organizational needs. Your recruiter can share more information about the salary range specific to your candidacy and other factors during the hiring process.
• Benefits: Our benefits package includes medical, dental, and vision benefits, unlimited paid time off (PTO), generous paid parental leave, a home office stipend, 401(k) program with company match, and a wellness and lifestyle program. Please refer to the company's benefits section on our career page or connect with your recruiter for full details. 

Equal Opportunity Employer
Kyruus Health is dedicated to providing equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, national origin, citizenship, age, disability, sexual orientation, genetic information. We will not discriminate, in any employment decision, against any individual or group on the basis of race, color, religion, sex, gender, national origin, citizenship, age, disability, sexual orientation, genetic information, or veterans/national guard/military reserve status. This shall be done in compliance with all applicable federal, state, and local laws in every location in which Kyruus Health has facilities. Apply