Senior Cloud Security Engineer

The Opportunity at Komodo Health

Komodo is rapidly growing and expanding our product portfolio. Security needs at Komodo Health are increasing, and we are looking for an experienced individual to help us Shift Left and improve our security posture across the organization. The Security team’s mission is to safeguard our data, infrastructure, and applications. Since we work with healthcare data, security is a high priority. In this role, you’ll be able to wear multiple hats and support security initiatives broadly across the company. You will be a crucial contributor to maturing our security capabilities.

Looking back on your first 12 months at Komodo Health, you will have…

• Discovered, remediated and validated security issues across cloud infrastructure per industry standard information security policies
• Built, deployed, and managed production security tools and services to monitor networks, endpoints, and cloud workloads
• Designedand operated scalable processes to provision cloud access and maintain least-privilege
• Performed architectural and design reviews through the security lens and provided timely, actionable requirements and recommendations
• Rolled out new technology for cloud specific security concerns
• Reviewed engineering application design, both new and existing
• Developed internal tooling to automate security detection and configuration
• Improved our ability to detect vulnerabilities in our applications
• Partnered with internal engineering teams to implement projects 
• Monitored and responded to alerts from SIEM and other alerts
• Responded to ad-hoc requests
• Used Python for Security administration
• Participated in an on-call rotation
• Supported the implementation of Zero Trust
• Supported the security of AWS, Kubernetes/Docker, and Terraform 

Some of the projects we are currently working on

• Re-architecting our IAM and SnowFlake permission to enable scale and least privilege
• Developing a Vulnerability Management strategy
• Evaluating Container Analysis Tools
• Rolling out an Application Security training program
• Rolling out a Vulnerability Disclosure Program

What you bring to Komodo Health:

• Knowledge of Identity and Access Management (AWS IAM, Okta, IDP/SP)
• Expertise in networking resources, including TCP/IP, AWS VPCs, Security Groups, and NACL
• Experience with security services in AWS Cloudtrail, GuardDuty, AWS Config, SumoLogic, and AlienVault (Splunk) 
• Experience with Python scripting and automation
• Experience responding to and investigating security events and tracking remediation
• Experience with vulnerability remediation and SIEM optimization.
• Ability to get up to speed on new security frameworks and concepts
• Experience with application security, OWASP Top 10, SAST, and DAST solutions
• Willingness to be a security generalist and wear multiple hats
• Excellent oral and written communication skills are essential 
• Certifications: (one or more)
• AWS Certified Security - Specialty
• AWS Certified Solutions Architect - Professional
• CCSP
• CISSP

Compensation at Komodo Health

We are committed to providing competitive compensation for all roles at Komodo Health. We carefully consider multiple factors when determining compensation, including your skills, experience, and location while balancing internal equity relative to peers at the company. The targeted base salary range for the Senior Cloud Security Engineer role is $140,000 to $233,200 plus a competitive bonus and equity package.

#LI-REMOTE #LI-CT1