Cloud Security Engineer/DevSecOps Engineer

Title: Cloud Security Engineer/DevSecOps Engineer

Location: This position can be based remotely within the US; EST Preferred

Opportunity

We are looking for a Cloud Security Engineer / DevSecOps Engineer to help strengthen and mature security across our AWS and Azure environments, software delivery workflows, vulnerability management processes, compliance operations, and security monitoring platforms.

This is a mid-level individual contributor role for someone who can work independently on defined security initiatives, partner directly with engineering and IT teams, and contribute to cloud security architecture decisions. The ideal candidate is hands-on, practical, and comfortable translating security and compliance requirements into actionable technical improvements.

This role will work across cloud security, DevSecOps, vulnerability management, detection support, and audit readiness using platforms such as AWS, Microsoft Azure, Vanta, Compyl, Rapid7, Wazuh, and InsightIDR.

Responsibilities

• Review, improve, and help design secure architectures across AWS and Microsoft Azure environments.
• Implement and maintain cloud security controls related to IAM, network segmentation, encryption, logging, key management, backups, secure configuration, and access control.
• Identify and remediate cloud misconfigurations, excessive permissions, insecure storage, public exposure, weak logging, and missing security controls.
• Partner with engineering and infrastructure teams to integrate security checks and DevSecOps practices into CI/CD workflows.
• Operate and improve vulnerability management processes, including scanning, validation, prioritization, remediation tracking, reporting, and exception review.
• Use security monitoring and telemetry platforms to support alert triage, endpoint visibility, log review, investigation, and detection improvement.
• Support compliance monitoring, evidence collection, control mapping, and audit readiness activities using Vanta and Compyl.
• Map technical controls to compliance requirements, internal policies, customer security expectations, and audit evidence needs.
• Participate in threat modeling and security reviews for new applications, infrastructure changes, cloud deployments, and third-party integrations.
• Support incident response activities, including alert investigation, log analysis, evidence gathering, containment recommendations, and post-incident improvements.
• Improve identity and access management practices, including least privilege, MFA, conditional access, service principals, role reviews, privileged access controls, and access certification support.
• Create and maintain security documentation, cloud security standards, control narratives, runbooks, remediation procedures, and architecture diagrams.
• Support implementation and maintenance of security benchmarks and frameworks such as CIS, NIST, SOC 2, ISO 27001, HIPAA, FedRAMP Moderate, and HITRUST.
• Translate security and compliance requirements into practical technical tasks for engineering, IT, and infrastructure teams.

Requirements

• 3-5 years of experience in cybersecurity, cloud security, DevOps, infrastructure, systems administration, security operations, compliance operations, or a related technical role.
• Hands-on experience with AWS and/or Microsoft Azure, with the ability to work across both platforms.
• Working knowledge of cloud security concepts, including IAM, network controls, encryption, logging, monitoring, workload security, and shared responsibility models.
• Experience with common AWS security services such as IAM, CloudTrail, CloudWatch, GuardDuty, Security Hub, KMS, Config, S3 security, or VPC controls.
• Experience with common Azure security services such as Microsoft Entra ID, Azure Policy, Defender for Cloud, Key Vault, Network Security Groups, Log Analytics, Sentinel, or related services.
• Experience with vulnerability management tools such as Rapid7 InsightVM, Nexpose, InsightCloudSec, InsightIDR, or similar platforms.
• Experience with SIEM, endpoint monitoring, log analysis, or security telemetry tools such as Wazuh, Rapid7 InsightIDR, Microsoft Sentinel, or similar platforms.
• Familiarity with compliance automation, GRC, or audit readiness platforms such as Vanta, Compyl, or similar tools.
• Ability to interpret vulnerability, cloud posture, endpoint, and compliance findings and prioritize remediation based on risk.
• Working knowledge of secure configuration, patch management, asset inventory, evidence collection, vulnerability remediation, and exception management workflows.
• Basic to intermediate scripting or automation experience using Python, PowerShell, Bash, Terraform, or similar tools.
• Strong communication and documentation skills, including the ability to explain technical risks, write clear procedures, and recommend practical remediation options.
• Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI in accordance with organizational policy and Federal, State, and local regulations

Even Better

• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Business, Accounting, Risk Management, or equivalent practical experience.
• Experience supporting compliance and security frameworks such as SOC 2, ISO 27001, HIPAA, NIST, CIS, FedRAMP Moderate, and HITRUST, or similar standards.
• Experience with infrastructure as code tools such as Terraform, CloudFormation, ARM/Bicep, or Azure DevOps.
• Experience with CI/CD platforms such as GitHub Actions, GitLab CI, Jenkins, Azure DevOps, or similar.
• Experience with container or workload security for Docker, Kubernetes, ECS, EKS, AKS, or Azure Container Apps.
• Working knowledge of application security concepts, including OWASP Top 10, secrets management, dependency scanning, secure SDLC, and threat modeling.
• Experience with cloud security posture management, vulnerability dashboards, alert tuning, security reporting, and control monitoring.
• Familiarity with Microsoft 365 security, Microsoft Entra Conditional Access, Defender, Intune, or endpoint management.
• Experience creating or improving security architecture diagrams, control narratives, remediation guides, operational procedures, and audit evidence.
• Relevant certifications such as Security+, AWS Certified Security Specialty, AWS Solutions Architect Associate, Azure Security Engineer Associate, Azure Administrator Associate, SC-200, or equivalent practical experience.

About GW RhythmX

GW RhythmX is revolutionizing healthcare through connected, AI-native intelligence that unites clinical insight, patient engagement, and system-wide care orchestration. The company combines market-leading AI precision care technology with extensive trusted patient engagement leadership to help health systems deliver the right care, at the right time, through the right clinician and channel. Its solutions are deployed across more than 150 health systems, touching more than 85M patients including 8M U.S. military veterans. The company's award-winning solutions were recognized again in 2024 by KLAS Research, Fierce Healthcare, and AVIA Marketplace. A SymphonyAI Group company, GW RhythmX leverages various firm assets, including $1B+ in R&D investment, longitudinal data related to 300 million patients, 4.4 billion total annual claims, and 1.8 million healthcare professionals at more than 3,000 facilities globally.


Most relevant press releases:

Presbyterian Healthcare Services Expands Use of GW RhythmX to 200 Primary Care Clinicians in the First Full System Deployment of a Precision Care AI Platform - RhythmX AI

Get Well, a leader in patient engagement software, and RhythmX AI, a leader in AI-powered precision care, will combine to form GW RhythmX to usher in the next generation of precision care

About SymphonyAI Group

SymphonyAI Group (SAIGroup) is a private investment firm building leading global enterprise AI businesses by accelerating innovation and growth. SAIGroup companies ConcertAI, SymphonyAI, and GW RhythmX deliver AI solutions that transform industries and bring value to companies, workers, healthcare professionals, and patients. The companies collectively represent a workforce of more than 4,000 talented engineers, data scientists and industry/healthcare experts. SAIGroup is backed by a $1 billion commitment from Founder and CEO Dr. Romesh Wadhwani, a noted entrepreneur and philanthropist. Learn more at and follow SAIGroup on LinkedIn.


When it comes to careers, our approach is simple: empower employees to do their best work and live their best professional and personal lives. Meeting the needs of a diverse group of employees across more than 30 states means offering tools to support financial, physical and emotional well-being and the choice to design what meets your needs. You'll find everything you'd expect and many things you don't: exceptionally generous paid time away from work, a variety of paid leave programs, savings opportunities with 401(k) and incentive plans, internal education programs, full array of health benefits, fitness reimbursement, cell phone subsidy, casual offices with snacks and drinks, peer recognition programs, health advocacy and employee assistance programs, pet insurance (yes, really) and so much more. Our most valuable benefit? An environment that supports YOU. The estimated pay range for this position is $140,000-$170,000 in base salary plus bonus. Base salary is dependent on many factors including, but not limited to education, experience and skills. This range is subject to change and may be modified in the future.


GW RhythmX is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status.