Cloud Security Engineer, Senior - Remote, Canada

Smile Digital Health • Remote (Toronto) • 2w ago

Working for a company like Smile Digital Health means supporting our mandate for

BetterGlobalHealth. We strive towards this goal every day, and the results can

be seen in the impact of our innovative health data platform and data management solutions, which are used in over 20 countries. We were #19 on Deloitte's Technology Fast 50 Ranking for 2024!

Smile Digital Health makes it easy for healthcare stakeholders to collect and exchange data with our leading FHIR-based data liberation platform.

At its heart, the Smile platform enables people and organizations to better manage healthcare data. We help generate and liberate structured healthcare data to ensure effective delivery across care teams and health systems bringing #BetterGlobalHealth to patients everyday!

Apply today and find plenty of reasons to SMILE!

Summary:

The Senior Cloud Security Engineer is responsible for managing risk and security related requirements for Managed Services, in the cloud and on the Smile Digital Health platform. The primary focus of this position will be on evaluating technology controls, supporting audits, conducting risk assessments, investigating incidents, enhancing security and supporting relevant compliance programs with the appropriate privacy and security frameworks for the Managed Services team.

Responsibilities:

Perform security scanning/testing, controls testing, document results, and provide detailed updates to internal colleagues.
Conduct vulnerability assessments regularly per contractual agreement and per compliance requirements.
Act as part of the SecOps team and ensure compliance of all security requirements.
Proactively identify gaps or conflicts in existing processes and help develop solutions with colleagues.
Perform assessments of systems, networks, and applications in Smile Digital Health cloud environments and readily address vulnerabilities identified.
Assist with remediation of control deficiencies and security gaps.
Research and perform tests with cutting edge security tools.
Generate regular reports and technical documentation for the SecOps team.
Assist with the education and training of process / control owners so they better understand technology control frameworks and their responsibilities.
Assist with other security aspects as needed including vendor security assessments, customer audit needs.
Facilitate third-party attestations, audits, and certification efforts for the organization.
Assist IT Operations team and IT Security and Privacy Governance teams with maintaining coverage of applicable privacy laws and regulations and closely follow emerging IT Security technologies.
Provide guidance on privacy risks and advise on application of privacy requirements.
Work with the Cloud Operations and various implementation teams to ensure best practices.
Work to integrate various security technologies with ITSM tools.
Respond to incidents as required.

Requirements:

5+ years of experience with Linux, networking, Docker, and security, plus 3+ years of experience with Azure, AWS, or GCP in containerized environments.
Strong foundation in networking and IT security principles.
Skilled in using assessment tools, analyzing system data, and tracing logs (security, network events, syslogs, IPS, firewalls, AV, DLP, web) to identify root causes.
Hands-on experience with SOAR/SIEM platforms, vulnerability scanners, IDS/IPS, and cloud security posture management.
Familiar with IT and security compliance frameworks including HITRUST, GDPR, SOC 2, ISO 27001, HIPAA, and PHIPA.
Experienced in supporting audits, compliance requirements, security policies, and incident response from a technical standpoint.
Proficient in access control and identity management for on-premise and cloud environments.
Comfortable handling confidential and sensitive data, and engaging with senior business leaders as a technical advisor.
Ability to work flexible schedules, including on-call rotations for audits and incident management.
Post-secondary education in IT security, networking, or a related field is preferred.

\n $140,000 - $160,000 a year \n

Some of the benefits we offer:

Remote Work Environment
Flexible Time Away From Work Policy including PTO, Personal and Sick Days
Competitive Salary and Health/Medical Benefits
RRSP/TFSA/401K Employee Contribution
Life and Disability
Employee Assistance Program
FHIR Study Program and Skillsoft Learning
Super HAPI Fun Club

Smile's core values include respect, inclusion, embracing our differences, and celebrating shared values because our people are the foundation of our success. We are big on creating a sense of belonging and empowering each other to bring our authentic selves to work. We are dedicated to fostering a workplace that values diversity, equity, and inclusion.

We welcome and encourage candidates of all backgrounds to apply. Candidates are encouraged to inform us if they wish to discuss or require accommodations during interviews or while working at Smile.