TherapyNotes, LLC

Senior Cloud Security Engineer

TherapyNotes, LLC

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Salary

💰 $110,000 - $135,000 per year

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityFirewallsLinuxSDLC

About the role

  • About Us: TherapyNotes is the go-to superhero for behavioral health Practice Management and EHR software; top-notch SaaS solution handles scheduling, billing, documenting, telehealth, and more. Position Description: Senior Cyber Security Engineer blending deep technical execution with strategic influence, hands-on across detection and response, vulnerability and risk management, and secure cloud architecture; mentor junior engineers and collaborate across IT, DevOps, and product teams. Responsibilities: Hands-on management of enterprise-wide security tools and platforms including SIEM, DLP, EDR/XDR, and vulnerability management across hybrid environments (cloud and on-prem). Monitor security alerts, respond to incidents, and manage escalations. Participate in Incident Response on-call rotation. Conduct threat analysis, vulnerability assessments, and risk evaluations. Manage and secure identities in Microsoft Entra ID through Conditional Access and Entitlement Management. Develop and implement strategies for Data Loss Prevention and identify gaps in DLP coverage. Stay informed about the latest cyber threats, attack methodologies, and vulnerabilities. Conduct periodic system and network configuration reviews to ensure compliance with security standards. Collaborate with developmental teams to ensure security is continuously integrated into the SDLC and CI/CD pipeline. Enforce secure coding standards and best practices. Identify and document cyber risks and manage mitigation; report issues to leadership. Align Zero Trust principles with organizational security goals. Participate in audits and assessments, supporting GRC efforts.

Requirements

  • Bachelor's degree in information security, information technology, computer science, or related field preferred. 8+ years of experience in cybersecurity engineering or related role. CISSP or equivalent enterprise security certification preferred. Extensive experience designing and implementing security controls in cloud environments (preferably Azure and AWS). Knowledge of security frameworks (NIST, ISO 27001, CIS) and compliance frameworks (HITRUST, PCI DSS). Proven ability to conduct security assessments, vulnerability, management, and incident response. Proficiency with network security technologies (firewalls, IDS/IPS, VPNs). Strong understanding of OS platforms (Windows, Linux) and endpoint security. Deep understanding and experience in managing and securing cloud infrastructure and cloud-based applications. Experience with Application Security (OWASP, SAST, DAST). Expert in the latest security principles, techniques, and standards. Proficiency in various security systems: intrusion detection systems, anti-virus software, identity management systems, log management, content filtering, etc.