Cloud Security Operations Engineer – GCP/AWS

This is a fully remote position, open to applicants in Alaska, +1 more state.

📋 Description

• Collaborate across Information Security Operations and Infrastructure/DevOps teams to manage and enhance security measures within multi-cloud (GCP/AWS) environments, encompassing native security services, IAM, logging, and threat detection.

• Assess and react to cloud security alerts and vulnerabilities; execute prompt mitigations, configuration updates, and patches.

• Take ownership of configuration and maintenance for cloud security consoles (for instance: GCP Security Command Center, Cloud Logging, Cloud Armor, KMS, IAM, etc.).

• Work alongside DevOps to establish secure baseline configurations and guardrails (including network segmentation, least privilege, encryption, key management, secrets handling, egress controls), in accordance with industry-standard frameworks such as CIS, NIST 800-53, OWASP Top 10, etc.

• Execute daily vulnerability workflows: detection, prioritization, remediation, and validation across cloud services, hosts, containers, and third-party dependencies.

• Oversee and strengthen security configurations for Kubernetes Engine environments, which includes: Cluster and node security settings, RBAC, pod security controls, network policies, admission controls, and runtime security, along with image vulnerability scanning, container supply-chain controls, patch cadence, and version lifecycle management for clusters/nodes and supporting components.

• Aid in the secure implementation/integration of AI within cloud infrastructure, including: Data protection measures (handling of PII/PHI, encryption, retention, audit logging).

• Establish network controls (private connectivity where applicable, egress restrictions, proxying, allowlists).

• Monitor usage, prevent abuse, and conduct security reviews for AI-driven features/workflows.

• Contribute to the development of internal AI security standards (guidance on prompt/data handling, logging strategies, third-party risk considerations).

• Collaborate with the IS Risk and Compliance team to generate evidence and reports to meet internal security requirements and external compliance obligations (such as SOC 2 / ISO-aligned controls, healthcare and privacy standards).

• Engage in security incident response for cloud-related incidents, including containment and recovery actions.

• Perform other assigned duties.

⛳️ Requirements

• A minimum of 4 years of practical experience in cloud security, DevSecOps, cloud engineering with a security emphasis, or security operations within cloud settings, or a mix of education and experience.

• Familiarity with healthcare technology and/or regulated environments (privacy, audit evidence, security control documentation).

• Hands-on experience managing security controls in GCP and AWS (IAM, logging, encryption/KMS, network security, cloud security services).

• Experience in securing Kubernetes environments, including RBAC, cluster hardening, workload controls, and patch/version management.

• Robust experience in vulnerability management (triage, remediation coordination, patching workflows, validation).

• Experience facilitating secure integrations of LLM/AI services (e.g., ChatGPT/Grok) in production systems, with a focus on data governance and key management.

🏝️ Benefits

• Flexible Work Remote from day one, as we prioritize a flexible employee experience.

• Competitive base salaries.

• Annual performance-based bonuses.

• Stock options for employees, aligning personal successes with Medable's achievements.

• Comprehensive medical, dental, and vision insurance coverage.

• Carrot Fertility Program.

• Health Savings Accounts (HSA) and Flexible Spending Accounts (FSA).

• Wellness program (Mental, Physical, and Financial).

• Peer-to-peer recognition program to celebrate achievements and milestones.

• Volunteer time off to support causes that matter to you.