It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
Position Title:
IT Cloud & Security Engineer
Reports to:
Director of Cybersecurity
Duties & Responsibilities:
Job Summary
We are seeking a highly skilled IT & Cloud Security Engineer to join our healthcare organization’s cybersecurity team. This role is responsible for designing, implementing, and maintaining secure infrastructure and cloud environments in compliance with SOC2, HIPAA, HITECH, and other applicable regulations. You will work closely with cross-functional teams to protect sensitive patient data, ensure the confidentiality, integrity, and availability of systems, and respond to emerging threats across our on-prem and cloud infrastructure.
Key Responsibilities
Governance, Risk & Compliance (GRC)
· Support SOC 2 Type II compliance by mapping cloud and IT security controls to AICPA Trust Services Criteria.
· Ensure compliance with healthcare regulations (HIPAA, HITECH) across cloud and on-prem IT environments.
· Perform risk assessments and gap analyses for IT and cloud infrastructure, recommending remediation strategies.
· Participate in internal and external audits, including documentation preparation and evidence collection.
Secure Cloud Architecture & Infrastructure
· Design, implement, and maintain secure cloud architectures (Azure, AWS, GCP) with a focus on healthcare data protection.
· Review cloud vendor tools and infrastructure-as-code templates (e.g., Terraform, Bicep) to identify misconfigurations and embedded secrets.
· Classify and protect regulated data (PII, PHI, PCI) through logging, labeling, and audit-trail enforcement.
· Apply Zero Trust principles, including continuous authentication, conditional access, and network segmentation.
DevSecOps & Identity Security
· Partner with product and engineering teams to embed secure SDLC practices such as threat modeling, static code analysis, and secure API design.
· Collaborate with DevOps and infrastructure teams to integrate security controls throughout the development and deployment lifecycle.
· Implement and maintain IAM strategies, including MFA, RBAC, and identity federation.
· Develop and maintain security policies, procedures, and technical documentation.
Security Operations & Incident Response
· Configure and manage security technologies including firewalls, SIEM, EDR, IDS/IPS, vulnerability scanners, and DLP solutions.
· Monitor security events and alerts, proactively responding to threats and vulnerabilities.
· Lead and support incident response activities involving IT and cloud systems, including forensic analysis and post-incident reporting.
· Continuously improve security monitoring, detection, and response capabilities.
Required Skills:
· Strong knowledge of SOC 2 Type II compliance, including mapping cloud and IT security controls to AICPA Trust Services Criteria.
· Demonstrated experience ensuring compliance with healthcare regulations such as HIPAA and HITECH in cloud and on-prem environments.
· Ability to perform risk assessments and gap analyses for IT and cloud infrastructure and recommend effective remediation strategies.
· Proven experience designing, implementing, and maintaining secure cloud architectures across Azure, AWS, and/or GCP.
· Hands-on experience reviewing cloud vendor tools and infrastructure-as-code (e.g., Terraform, Bicep) for misconfigurations and embedded secrets.
· Expertise in data classification and protection for regulated data (PII, PHI, PCI), including logging, labeling, and audit trail enforcement.
· Strong understanding and application of Zero Trust security principles, including continuous authentication, conditional access, and segmentation.
· Experience embedding security into the SDLC and DevSecOps pipelines, including threat modeling, static analysis, and secure API design.
· Proficiency implementing and managing identity and access management (IAM) solutions, including MFA, RBAC, and identity federation.
· Hands-on experience configuring and managing security tools such as firewalls, SIEM, EDR, IDS/IPS, vulnerability scanners, and DLP solutions.
· Ability to monitor, analyze, and respond to security events and alerts, proactively identifying threats and vulnerabilities.
· Proven capability to lead or support incident response, including forensic analysis and post-incident reporting.
· Experience participating in internal and external audits, including evidence collection and documentation.
· Strong documentation skills, including developing and maintaining security policies, procedures, and technical documentation.
· Effective collaboration skills across engineering, DevOps, infrastructure, and compliance teams.
Qualifications:
Education:
Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
3–7 years of experience in IT security, with at least 2 years focused on cloud security (AWS, Azure, or GCP).
Healthcare industry experience preferred.
Preferred Attributes:
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
AZURE Certified Security – Specialty, Azure Security Engineer Associate, or equivalent
Certified Ethical Hacker (CEH), CompTIA Security+
Compensation Range: $105,000-$120,000
Working Conditions:
Office and Remote work.
Up to 10% of travel expected.
The above is intended to describe the general contents and requirements of work being performed by people assigned to this classification. It is not intended to be construed as an exhaustive statement of all duties, responsibilities, or skills of personnel so classified.
PPL is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PPL, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational programs are based on merit, business needs, job requirements, and individual qualifications. We do not discriminate on the basis of race, color, religion or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, past or present military service, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law. PPL will not tolerate discrimination or harassment based on any of these characteristics.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!