Mid-Level Security Engineer

6d6 days ago

QGenda

Atlanta, US · Full-time · $125,000 – $165,000

About this role

QGenda is redefining healthcare workforce management, empowering over 4,500 organizations with a unified software platform. With 800 employees across the US and headquartered in Atlanta, we foster growth, innovation, and collaboration. As a Mid-Level Security Engineer, leverage AWS security expertise to protect cloud applications, infrastructure, and customer data against threats.

You will collaborate with Product, Development, and Infrastructure Teams to integrate AWS security tools into the SDLC. Responsibilities include designing AWS-native solutions like GuardDuty and SecurityHub, automating security processes with SAST and DAST, and leading vulnerability management. Proactively secure generative AI adoption while applying cloud best practices for risk mitigation.

Work in a dynamic environment united by a vision to impact healthcare, enjoying day-to-day contributions to strategic workforce decisions. Engage in cross-team efforts to maintain policies aligned with NIST, ISO 27001, and SOC 2. Support audits for HIPAA, SOC 2, and FedRAMP compliance.

This role offers significant opportunities for professional development and direct influence on our evolving security posture. Report metrics to management and provide security awareness training. Contribute to a culture proud of its healthcare industry impact.

Requirements

Extensive hands-on expertise with AWS security tools and concepts, including IAM, Key Management Service (KMS), AWS Organizations, and encryption techniques
Proven ability to design and deploy secure architectures in AWS, including multi-account structure configurations
Hands-on experience with DevSecOps practices and securing CI/CD pipelines, including SCA, SAST, and IaC tools
Proficiency in scripting and automation (Python, Bash, PowerShell Core) to drive efficiency and scalability in security operations
Expertise in vulnerability management, including hands-on experience with scanning tools (e.g., Nessus, Qualys) and proactive risk prioritization and remediation
Familiarity with Cloud Native Application Protection Platform

Responsibilities

Design, implement, and manage AWS-native security solutions such as GuardDuty, SecurityHub, Inspector, and Config to secure infrastructure
Automate and scale security processes, integrating SAST, DAST, SCA into the Software Development Life Cycle through development team collaboration
Lead vulnerability management, overseeing scanning, risk prioritization, and timely remediation efforts including patching
Proactively implement security controls and governance for safe, compliant adoption of generative AI and AI/ML technologies
Apply AWS Cloud security best practices to monitor, detect, respond, and mitigate risks effectively
Develop and maintain security policies, standards, and procedures aligned with NIST, ISO 27001, and SOC 2
Support security audits and compliance efforts for HIPAA, SOC 2, and FedRAMP
Provide security awareness training and guidance to staff, and report security metrics to management