Position Summary

As a Sr. Information Security/Cloud Engineer, you will implement and enforce IT security related policies, standards, and procedures as it pertains to Cloud infrastructure and applications, including those in development. This position will regularly be tasked with investigating anomalies and security incidents and the engineer can be assigned security related projects at the direction of Security management.

You will be embedded with the Cloud Ops team and will collaborate with various departments to ensure smooth operations and adherence to Information Security practices. You should possess strong knowledge of AWS services, architecture, cloud networking security, and best practices.

Within the broader Caris Life Sciences Software Portfolio, you could be working with teams building the cloud platforms powering our labs, R&D and partner facing operations at a monthly growth scale in the Petabytes. You should be able to work with engineers to solve problems or remove obstacles.

Job Responsibilities

• Utilize various network security tools within the Caris environment including Identity and Access Governance applications, Email Security Appliances, Anti-Virus management software, Intrusion Protection Systems, and more.

• This position will frequently engage directly with engineers to troubleshoot provisioning and security related issues, perform access and activity audits, and assist with projects and resource reviews.

• This position requires an advanced knowledge of the Security Framework (i.e. People, Process, and Technology).

• Collaborate with the Cloud Ops team to enhance their skills and experience and address Information Security compliance.

• Collaborate closely with Product Management, Software Engineering, Data Science, and Infrastructure teams to align objectives and deliver high-quality solutions.

• Maintain awareness of engineering processes and practices, conduct architecture reviews.

• Generate and implement security process improvements.

• Stay up to date with AWS best practices and new technologies.

• Collaborate with cross-functional teams to improve product quality, security, and performance.

• Make technical decisions when necessary and facilitate technical decision-making within the team.

• Ensure compliance with regulatory requirements and best practices in a regulated environment.

Required Qualifications

• Bachelor’s degree or equivalent required.

• 8+ years of Cloud experience (inclusive of time as an individual contributor).

• 5-10 years of experience in either Engineering/Tech/Software/InfoSec with a focus on cloud network security.

• Experience as an Individual Contributor in a team who are working with Amazon Web Services.

• Strong experience in architecting and delivering scalable cloud-based solutions.

• Solid understanding of DevOps principles, CI/CD pipelines, and infrastructure automation.

• Knowledge of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools and methodologies.

• Proficiency with AWS security tools such as GuardDuty, Config, IAM, and cloud security tools like Wiz.

• Practical experience in implementing and supporting DevSecOps practices.

• Self-motivated and able to work in a fast-paced environment.

• Excellent written and verbal communication skills.

• Conditions of Employment: Individuals must successfully complete pre-employment process, which includes criminal background check, drug screening, and reference verification.

Preferred Qualifications

• Bachelor’s degree in an IT related discipline or additional equivalent experience.

• CISSP or equivalent certification is recommended.

• AWS Certified Security – Specialty.

• Relevant experience in the Healthcare, Life Sciences, or Genomics industry.

• Familiarity with multi-cloud governance and architecture, particularly Amazon Web Services (AWS).

• Knowledge of relational databases (e.g., MySQL, Postgres) and scripting languages (e.g., Python, Shell).

• Experience with CI/CD tools such as GitLab CI and GitHub Actions.

• Understanding of modern DevSecOps practices – git, CI/CD, infrastructure as code - how they integrate with technologies such as Kubernetes.

• Infrastructure architecture knowledge, including the relationships between databases, cloud services, and application servers.

• Previous work in a regulated environment.

• Technical Mentoring.

• Eager self-starter & self-learner.

Physical Demands

• Will work at computer most of the time.

Training

• All job specific, safety, and compliance training are assigned based on the job functions associated with this employee.

Other

• This position requires periodic travel and some evenings, weekends and/or holidays

This job description reflects management’s assignment of essential functions. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

Caris Life Sciences is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability.

Caris Life Sciences is a leading innovator in molecular science and artificial intelligence focused on fulfilling the promise of precision medicine through quality and innovation.

Caris is committed to quality and excellence at our state-of-the-art laboratories. Learn more about our tissue lab and the advanced technologies that are helping improve the lives of cancer patients.