Senior Cloud Security Engineer
TraceLink has built the world's largest cloud-based network dedicated to protecting patients, ensuring compliance and growing profits across global life sciences. The TraceLink Life Sciences Cloud is our network, platform and community that links people, processes and information everywhere from ingredient to patient.
Businesses across the globe, including 16 of the top-20 pharmaceutical companies, trust us to help them manufacture and deliver safe, secure medicines to the patients who need them anywhere in the world. We need game changers ready to break down business barriers, master new technologies and become trusted advisors for some of the largest and fasting growing companies on the planet. How will you challenge yourself? Learn more about TraceLink.
The Senior Security Engineer is responsible for the advanced technical planning, development, implementation, and operational management of the company's network and security infrastructure to ensure a reliable, responsive, and secure environment. This includes the design, implementation, management, and monitoring of the security infrastructure and processes as well as leading efforts around vulnerability management, incident and event management, and working with various technologies to secure dynamic and growing environments. Application of security technologies, ISO, NIST, and HIPPA-based security controls and industry best practices in a GxP environment.
This role will primarily focus on the TraceLink Life Sciences Cloud environment but as needed provide support initiatives related to the corporate environment.
Major Duties / Responsibilities:
Strategic / Consultative
- Provide network security expertise and guidance around security issues and recommend solutions to mitigate and eliminate risk to TraceLink information assets
- Contribute to the development and enhancement of policies, standards, procedures, guidelines, and controls
- Align initiatives with ISO 27001 and other industry standards
- Review security capabilities and proactively work to identify and implement new capabilities
- Evaluate and recommend new and emerging security products and technologies
- Enhance threat intelligence and assess applicability of reports
- Perform internal security audits; assess, prioritize, and respond to findings
- Review external assessment reports; assess, prioritize, and respond to findings
- Collaborate with Cloud Operations to manage existing security controls and change management
- Review logs, correlate events, and investigate anomalous activity
- Implement/enhance reporting to ensure comprehensive visibility of issues
- Respond to incidents; partner with other teams as needed to resolve
- Drive improvements to design and operational effectiveness of security controls
- Maintain current standard operating procedures, controls documentation, and configuration management
- Maintain detailed documentation of network security solutions and technical security standards
- Review and execute support, change, and policy tickets
Skills and Requirements:
- Bachelor's degree in Computer Science, Information Systems Security, Business Administration or related field
- Minimum 6-8+ year's relevant experience with a proven record of success
- A minimum of 6 years of experience securing Linux (CentOS/RHEL) systems
Expert knowledge with security concepts and technologies including:
- Layer 3 and Layer 7 Firewalls
- IDS/IPS, FIM
- VPNs, IPSEC, SSL/TLS
- Network security monitoring & traffic analysis
- Data Loss Prevention
- Two-factor authentication standards and technologies
- Federated authentication standards and technologies
- DDoS and other security vulnerabilities and risk mitigation strategies
Firm understanding and hands-on experience with AWS security best practices and services including:
- AWS VPC, security groups, and WAF
- IAM, KMS, and CloudHSM
- CloudFormation, Config, and Inspector
- Trusted Advisor
- Experience with open source tools for security management, monitoring, and analytics
- Excellent analytical, reasoning, and problem solving skills with good knowledge of tools and techniques for anticipating, recognizing, and resolving technical problems
- Experience with network architecture methodologies, standards, and tools
- Experience with the application of threat modeling or other risk identification techniques
- Excellent verbal and written communication skills, including executive-level presentations
- Detailed knowledge of system security vulnerabilities and remediation techniques
- CISSP, CEH, SANS Security, and other industry and vendor-specific security certifications
- Experience securing Windows systems
TraceLink offers their employees a comprehensive, best-in-class benefits package. The package includes, medical insurance (HMO and PPO), dental and vision coverage, life insurance, AD&D, short-term and long-term disability. Employees are also eligible for a bonus plan. Employees in the Sales department are offered a competitive commission structure. In addition, all employees are offered stock options at the time of hire.
- On-site Gym (Free)
- Fully stocked kitchens
- Free Catered Lunch and Dinner, every day
- Thirsty Thursdays (Beer and Wine Socials)
TraceLink is headquartered in North Reading, MA just off I-93 Exit 39 (Concord St).
The duties listed in this job description are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position.