Cloud Security Engineer

OUR COMPANY:

EOS IT Solutions is a Global Technology and Logistics company, providing Collaboration and Business IT Support services to some of the world’s largest industry leaders, delivering forward-thinking solutions based on multi-domain architecture. Customer satisfaction and commitment to superior quality of service are our top business priorities, along with investing in and supporting our partners and employees.

We are a true International IT provider and are proud to deliver our services through global simplicity with trusted transparency.

WHAT YOU WILL DO:

The Cloud Security Engineer will play a pivotal role in the cloud security service delivery model. The role combines deep technical expertise, collaboration across internal and external teams to design, implement, and optimize cloud security controls and service lines. The candidate will support both project-based and continuous security initiatives, focusing on securing our client's cloud migration, supporting cloud security tool optimization, cloud security processes for the Information Security team, cloud/hybrid controls, automation, and risk-driven security outcomes.

KEY RESPONSIBILITIES:

• A Principal Information Security Specialist has similar responsibilities to Information Security Specialist III personnel. However, a Principal Information Security Specialist is deemed to be the subject matter expert and in-house advisor on complex problems and issues. A Principal Information Security Specialist also:
• Works independently to initiate assignments and draws upon extensive professional knowledge and experience to make independent judgments regarding analysis, evaluation, development, and implementation of enterprise long-term solutions and operating initiatives to ensure that enterprise architectural objectives are aligned with organizational needs and strategic goals.
• Optimizes information management approaches through an understanding of evolving business needs and technology capabilities and ensures that projects do not duplicate functionality or diverge from each other and business and DTS strategies.
• Shapes, designs, and plans specific service lines in product area and manages the risks associated with information and DTS assets through appropriate standards and security policies.
• Functions as the Subject Matter Expert (SME) to maintain an understanding of our client's DTS business and clinical applications and the relationship to InfoSec and compliance solutions; assist Hospital stakeholders in understanding information protection needs that support the Hospital's business.
• Works with other architects to provide a consensus based enterprise solution that is scalable, adaptable and in synchronization with ever changing business needs and takes ownership of a particular solution offering.
• Works with highly matrixed team of DTS personnel to support enterprise architecture and information security operations including, but not limited to, architecture and InfoSec principles around identity & access management models, cloud identify management providers, security information and event monitoring, and data loss prevention, perimeter (e.g. firewalls, IPS, web filtering), cloud and virtualization environments and network security (host-based firewalls, anti-virus, disk encryption).
• Support and/or lead activities around InfoSec standards for business continuity and change management activities (e.g., table tops and change review board) and educates DTS Hospital management on security issues (e.g., Identity and Access Management (IAM), Role Based Access Control (RBAC) models.

The department works approximately 80% remotely, 20% on site in our Philadelphia offices on an as-needed basis.

ESSENTIAL CRITERIA:

• At least twelve (12) years industry related experience, including experience in one to two IT disciplines (such as technical architecture, network management, application development, middleware, information analysis, database management or operations) in a multitier environment. 
• At least six (6) years experience with information security, regulatory compliance and risk management concepts. 
• At least three (3) years experience with Identity and Access Management, user provisioning, Role Based Access Control, or control self-assessment methodologies and security awareness training. 
• Experience with Cloud and/or Virtualization technologies.
• Proven experience in securing a multi-cloud environment.
• Proven experience with Identity and access management in the cloud
• Proven experience with all security service lines in a cloud environment and the supporting security tools and processes to be successful.
• Demonstrate collaboration with internal stakeholders, vendors, and supporting teams to design, implement, and maintain security technologies across network, endpoint, identity, and cloud infrastructure.
• Drive continuous improvement and coverage of cloud security controls by validating alerts, triaging escalations, and working with the MSP to fine-tune detection and prevention capabilities.
• Lead or support the development of incident response plans, engineering runbooks, tabletop exercises, and system hardening guides.
• Ensure alignment of security architectures with our client's policies, standards, and external frameworks such as NIST SP 800-53, HIPAA, PCI-DSS, CISA ZTMM, CIS Benchmarks, and Microsoft CAF Secure Methodology, AWS CAF, AWS Well Architected framework, Google CAF
• Participate in design and governance forums to provide security input into infrastructure, DevSecOps, and cloud-native application strategies.
• Assist with audits, compliance assessments, risk remediation plans, and evidence collection with internal compliance and external third-party stakeholders.
• Mentor and support junior InfoSec engineers through documentation, training, and peer reviews.
• Hands-on experience in security engineering, systems integration, and cloud architecture (Azure preferred).
• Proficiency in tools and domains such as: EDR (Microsoft Defender), SIEM (Sentinel or Splunk), CSPM (e.g., Wiz), IAM (Entra ID), VPNs/NGFWs, NAC, and encryption protocols.
• Demonstrated understanding of secure configuration management, automation pipelines (e.g., Terraform, PowerShell), and vulnerability management platforms.

DESIRABLE CRITERIA:

• At least three (3) years in working with matrixed high performance teams.
• Preferred relevant certifications: Sec+, Azure Security Engineer (SC-200), CCSP, GSEC, or equivalent.
• Experience developing or contributing to cloud governance, tagging standards, or infrastructure-as-code (IaC) security policies.
• Experience in healthcare, research, or life sciences environments is highly desirable.
• Strong interpersonal and communication skills; ability to convey technical concepts to non-technical stakeholders. 
• Certified Information Systems Security Professional (CISSP) - Information Systems Audit and Control Association (ISACA)
• HealthCare Information Security and Privacy Practitioner (HCISPP) - Information Systems Audit and Control Association (ISACA)
• Certified in Cybersecurity - Information Systems Audit and Control Association (ISACA)
• Systems Security Certified Practitioner (SSCP) - Information Systems Audit and Control Association (ISACA)
• Certified Information Security Manager (CISM) - Information Systems Audit and Control Association (ISACA)
• Certified Information Systems Auditor (CISA) - Information Systems Audit and Control Association (ISACA)
• Certified in the Governance of Enterprise IT (CGEIT) - Information Systems Audit and Control Association (ISACA)
• Certified in Risk and Information Systems Control (CRISC) - Information Systems Audit and Control Association (ISACA)
• CompTIA Security+ - CompTIA
• GIAC Security Essentials (GSEC) - GIAC Certifications
• Certified Ethical Hacker (CEH) - EC-Council
• Certificate of Cloud Security Knowledge (CCSK) - Cloud Security Alliance (CSA)
• Certificate of Cloud Auditing Knowledge (CCAK) - Cloud Security Alliance (CSA)

The EOS pay range for this job is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, experience, education, knowledge, skills, and abilities, as well as internal equity, market data, or other laws. 

EOS is committed to creating a diverse and inclusive work environment and is proud to be an equal opportunity employer. We invite you to consider opportunities at EOS regardless of your gender; gender identity; gender reassignment; age; religious or similar philosophical belief; race; national origin; political opinion; sexual orientation; disability; marital or civil partnership status or other non-merit factor.

#LI-MS2