Cloud Security Operations Engineer (GCP/AWS) - Remote

Medable Job Posting

Medable's mission is to get effective therapies to patients faster. We provide an end-to-end, agentic clinical trial platform with a flexible suite of tools that allows patients, healthcare providers, clinical research organizations and pharmaceutical sponsors to work together as a team in clinical trials. Our solutions enable more efficient clinical research, more effective healthcare delivery, and more accurate precision and predictive medicine. Our target audiences are patients, providers, principal investigators, and innovators who work in healthcare and life sciences.

Our vision is to accelerate the path to human discovery and medical cures. We are passionate about driving innovation and empowering consumers. We are proactive, collaborative, self-motivated learners, committed, bold and tenacious. We are dedicated to making this world a healthier place.

Responsibilities

• Work cross-functionally with Information Security Operations and Infrastructure/DevOps teams, to administer and optimize security posture across multi-cloud (GCP/AWS) infrastructure, including native security services, IAM, logging, and threat detection.
• Triage and respond to cloud security alerts and vulnerabilities; implement timely mitigations, configuration changes, and patches.
• Own configuration and hygiene for cloud security consoles (examples: GCP Security Command Center, Cloud Logging, Cloud Armor, KMS, IAM, etc.).
• Partner with DevOps to implement secure baseline configurations and guardrails (network segmentation, least privilege, encryption, key management, secrets handling, egress controls), in alignment with industry standard frameworks such as CIS, NIST 800-53, OWASP Top 10, etc.
• Run day-to-day vulnerability workflows: detection, prioritization, remediation, and validation across cloud services, hosts, containers, and third-party dependencies.
• Manage and harden security configurations for Kubernetes Engine environments, including:
  • Cluster and node security settings, RBAC, pod security controls, network policies, admission controls, and runtime security, Image vulnerability scanning, container supply-chain controls, patch cadence and version lifecycle management for clusters/nodes and supporting components.
• Support secure implementations/integrations of AI within cloud infrastructure, including:
  • Data protection controls (PII/PHI handling, encryption, retention, audit logging).
  • Network controls (private connectivity where feasible, egress restrictions, proxying, allowlists).
  • Usage monitoring, abuse prevention, and security reviews for AI-driven features/workflows.
  • Contributing to internal AI security standards (prompt/data handling guidance, logging strategy, third-party risk considerations).
• Work cross-functionally with IS Risk and Compliance team to produce evidence and reporting to support internal security requirements and external compliance obligations (e.g., SOC 2 / ISO-aligned controls, healthcare and privacy expectations).
• Participate in security incident response for cloud-related events, including containment and recovery actions.
• Other duties as assigned.

Experience

• 4+ years of hands-on experience in cloud security, DevSecOps, cloud engineering with security focus, or security operations in cloud environments or a combination of education and experience.
• Experience in healthcare technology and/or regulated environments (privacy, audit evidence, security control documentation).
• Practical experience administering security controls in GCP and AWS (IAM, logging, encryption/KMS, network security, cloud security services).
• Experience securing Kubernetes environments, including RBAC, cluster hardening, workload controls, and patch/version management.
• Strong vulnerability management experience (triage, remediation coordination, patching workflows, validation).
• Experience supporting secure integrations of LLM/AI services (e.g., ChatGPT/Grok) in production systems, including data governance and key management.

Skills

• Ability to work cross-functionally between InfoSec and Infrastructure/DevOps, and translate security requirements into implementable controls.
• Comfort working from tickets/alerts through to implemented changes in production cloud environments.
• Comfortable writing code in any one programming language: Javascript/Python/Bash.
• Familiarity with Infrastructure-as-Code and automation concepts (Terraform/CloudFormation, CI/CD pipelines, scripting).

Education, Certifications, Licenses

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science or a related field preferred.
• Security certifications (one or more): GCP Professional Cloud Security Engineer, CISSP, CCSP, Security+.

Travel Requirements

As required.

Rewards

At Medable, we believe that our team of Medaballers is our greatest asset. That is why we are committed to your personal and professional well-being. Our rewards are more than just benefits - they demonstrate our commitment to providing an inclusive, healthy and rewarding experience for all our team members.

Flexible Work

• Remote from the start, we believe in a flexible employee experience

Compensation

• Competitive base salaries
• Annual performance-based bonus
• Stock options for employees, aligning personal achievements to Medable's success

Health and Wellness

• Comprehensive medical, dental, and vision insurance coverage
• Carrot Fertility Program
• Health Saving Accounts (HSA) and Flexible Spending Accounts (FSA)
• Wellness program (Mental, Physical and Financial)

Recognition

• Peer-to-peer recognition program, celebrating achievements and milestones

Community Involvement

• Volunteer time off to support causes you care about

Medable is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need assistance or would like to request an accommodation due to a disability, please contact us at View email address on click.appcast.io.