Cloud Security Engineer

Aspirion Health Resources LLC

Cloud Security Engineer

Columbus, GA
Full Time
Paid
  • Responsibilities

    What is Aspirion?

    For over two decades, Aspirion has delivered market-leading revenue cycle services. We specialize in collecting challenging payments from third-party payers, focusing on complex denials, aged accounts receivables, motor vehicle accident, workers’ compensation, Veterans Affairs, and out-of-state Medicaid.

    At the core of our success is our highly valued team of over 1,400 teammates as reflected in one of our core guiding principles, “Our teammates are the foundation of our success.” United by a shared commitment to client excellence, we focus on achieving outstanding outcomes for our clients, aiming to consistently provide the highest revenue yield in the shortest possible time.

    We are committed to creating a results-oriented work environment that is both challenging and rewarding, fostering flexibility, and encouraging personal and professional growth. Joining Aspirion means becoming a part of an industry leading team, where you will have the opportunity to engage with innovative technology, collaborate with a diverse and talented team, and contribute to the success of our hospital and health system partners. Aspirion maintains a strong partnership with Linden Capital Partners, serving as our trusted private equity sponsor.

    What do we need?

    The Cloud Security Engineer is responsible for designing, implementing, and managing security solutions in our cloud infrastructure. This role requires a deep understanding of cloud security best practices, a proactive approach to identifying vulnerabilities, and a commitment to ensuring the security and compliance of our cloud environments.

    What will you provide?

    • Develop and implement security strategies and solutions for Azure, AWS, and Google Cloud environments, focusing on network security, identity and access management, and data protection.
    • Leverage automation, Infrastructure as Code (IaC), and continuous compliance strategies. Interface with DevSecOps teams to define and implement security and compliance requirements for production CI/CD pipelines.
    • Conduct risk assessments and vulnerability analyses for cloud infrastructure, identify potential threats, and recommend appropriate mitigation strategies.
    • Implement and manage Microsoft Purview for data governance, ensuring effective data classification, encryption, and compliance with data loss prevention (DLP) policies.
    • Utilize Microsoft Intune for endpoint management, ensuring secure and compliant configurations across all devices.
    • Collaborate with IT teams to implement security measures within Azure and Microsoft 365, including setting up multi-factor authentication (MFA), configuring security groups, and managing conditional access policies.
    • Work closely with other IT teams to integrate security practices into development and operational processes, providing guidance and training on cloud security best practices to stakeholders.
    • Oversee SOC activities in monitoring cloud environments for security incidents and responding to alerts. Provide leadership and ensure effective incident response and remediation, staying informed of all incidents and ensuring the SOC MSSP meets performance expectations.
    • Utilize automation tools and scripting (e.g., PowerShell) to streamline security processes, manage security configurations, and enhance overall efficiency.
    • Ensure cloud environments comply with industry standards, regulations, and best practices (e.g., HIPAA, NIST), and assist in maintaining compliance certifications and preparing for audits.
    • Create and maintain comprehensive security policies and procedures for cloud operations.
    • Develop and deliver targeted security training and awareness programs to ensure staff are well-informed and compliant with best practices.
    • Deep knowledge of cloud security best practices across major platforms (Azure, AWS, Google Cloud).
    • In-depth understanding of risk management and vulnerability analyses of cloud infrastructure.
    • Proficiency in network security, identity and access management, and data protection within cloud environments.
    • Ability to create and deliver effective security training and awareness programs.
    • Strong interpersonal skills for working with IT teams and stakeholders to integrate security practices.
    • Experience in leading cross-functional incident response efforts, including coordination with legal, compliance, and executive teams.
    • Proficiency in using automation tools and scripting languages (e.g., PowerShell) to enhance security processes and efficiency.
    • Ability to work in and manage ambiguity, including dealing effectively with issues that do not always have a process, system, or solution in place.
    • Demonstrate alignment to our company's values, along with the capability to hire, lead, develop, and motivate a team.
    • Highly developed oral and written interpersonal, communication, negotiation and conflict management skills and the ability to work effectively with other people.
    • Self-starter with high initiative.
    • Perform other duties as assigned.

    Education and Experience Requirements

    • Minimum of 5 years of experience in cloud security, with hands-on experience in managing and securing cloud environments across Azure, AWS, and Google Cloud is required.
    • One or more of the following security certifications is required:
      • Certified Information Systems Security Professional (CISSP)
      • Certified Information Security Manager (CISM)
      • AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer.
    • Experience and expertise is required in the following core areas:
      • Implementing and/or materially maturing an existing Cloud Security program.
      • Data classification, encryption methodologies, managing data loss prevention, and compliance standards.
      • Knowledge of mobile device management (MDM) and mobile application management (MAM) principles, ensuring secure configurations and compliance across diverse endpoints.
      • Conducting risk assessments, performing audits, and leading incident response efforts.
      • Developing and maintaining security policies and procedures.
      • Recommending and implementing security tools specific to cloud environments.
    • Minimum of 5 years of experience in cybersecurity & ensuring standards with HIPAA compliance is required.
    • Familiarity with NIST standards and HITRUST MyCSF certification is preferred.
    • Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field is preferred.

    Benefits

    At Aspirion we invest in our employees by offering unlimited opportunities for advancement, a full benefits package, including health, dental, vision and life insurance upon hire, matching 401k, competitive salaries, and incentive programs.

    Individual pay is determined by a number of factors including, but not limited to, job-related skills, experience, education, training, licensure or certifications obtained. Market, location and organizational factors are also considered.

    Must reside in the United States within one of the states listed below:

    Alabama, Arizona, Arkansas, Delaware, Florida, Georgia, Iowa, Indiana, Kansas, Kentucky, Louisiana, Massachusetts, Maine, Maryland, Michigan, Minnesota, Missouri, Mississippi, Montana, North Carolina, Nebraska, New Hampshire, Ohio, Oklahoma, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Virginia, Wisconsin, West Virginia, and Wyoming.

    AAP/EEO Statement

    Equal Opportunity Employer/Drug-Free Workplace: Aspirion is an Equal Employment Opportunity employer. We adhere to a policy of making employment decisions without regard to race, color, age, sex, pregnancy, religion, national origin, ancestry, medical condition, marital status, gender identity citizenship status, veteran status, disability, or veteran status. Aspirion has a Drug-Free Workplace Policy in effect that is strictly adhered to.