AlayaCare is revolutionizing the way home health care is delivered. Our leading cloud-based software allows our clients around the world to manage their employees, scheduling, billing, and enable better delivery of care. We're a fast-growing SaaS company with a team of 650+ team members across Canada, US, Australia, and Brazil. We aim to be the world leader in home health care software solutions. We pride ourselves on our open and transparent culture, our bias for action, and being committed to a workplace where we can be ourselves.
About the role:
As a Cloud Security DevOps Engineer, you will use your subject matter expertise to support the organizational security risk program to continuously assess and minimize cybersecurity risk to all Alayacare entities and lines of business in the highly regulated healthcare services industry.
Reporting to the Director of Security Engineering, you will work in a team of professionals responsible for organizational security risk. You will possess extensive experience and certifications in cloud technologies and cybersecurity knowledge. You will use your subject matter expertise to perform threat risk assessments, due diligence, change review and cloud security guidance and advisory services to the team and other areas of
Engineering and business. You will work collaboratively with technology peers the organizations to
continuously improve our security posture despite existing and new threats. Most importantly you ENJOY what you do and constantly looking for ways to improve and be efficient using automation.
A day in the life:
- Drive the security of our AWS infrastructure with our SRE/DevOps teams with initiatives such as AWS security best practices with the Secure
- Securing containers and hardened images,
- Lead the implantation security tooling, log collection, and automation for monitoring and forensic (SIEM, SOAR)
- Ensuring there is a strategy for patching and vulnerability management at the systems level and automate
- Review, Implement a BCP/DRP across all Platforms RBAC policies in a CI/CD environment and building tooling to help
developers deploy secure software
- Security incident: Define and manage the Security Incident which should be aligned with the global incident management process
- Participate in security investigations and incident response
- Participate in tabletop and red team exercise
- Contribute to the development of KPIs and KRIs to measure and report on security risk and compliance via a combination of reports and
analytics dashboards, with the team utilizing relevant analytics, GRC and Continuous Compliance Management solutions
- Assist with business case justifications and cost/benefit analyses for cybersecurity spending and initiatives
What you'll bring:
- At least 8+ years of total experience in the field of cyber security.
- At least 4+ years of experience and hands-on expertise in cloud security management such as Infrastructure as Code, architecture design (application and infra), migration and operations for enterprise workloads. This includes working expertise with Amazon Web Services (AWS) or Google Cloud or Azure Cloud - at scale.
- Knowledge of Governance/ Compliance/Standards such as NIST, HIPAA, OWASP, GDPR ISO 27001.
- Knowledge and understanding across a wide range of technology domains and application frameworks and have ability to quickly grasp relationships of various disciplines
- Proven experience in DevSecOps and CI/CD implementation.
- Experience with security of architecture and design (design, security controls), distributed database, distributed computing and high frequency transactions is a big plus
- Strong experience with Microservices Architectures, Containers environment.
- Experience in AWS Cloud development (C#, .Net, Python, PHP, SQL and REST APIs) is a huge plus.
- Experience in Vulnerability Management concept and tools (Snyk, SonarCloud) and Breach Attack Simulation (BAS).
- Experience with cloud networking design and concepts including VPC, subnets, NAT, firewalls, WAF, etc.
- Experience delivering large scale, highly available security solutions
- Excellent communication skills with Strong business and technical vision
- Experience demonstrating strong leadership, self-motivation, and accountability
- Experience on leading complex projects cross-functionally
- Must have certifications AWS cert - Professional Sol Architect or AWS Security specialty. GCP cert: Professional Cloud Security Engineer. Azure Cert: AZ303/304
- Good to have certifications - CISSP, CCSP, OSCP
What Makes AlayaCare a Great Place to Work:
- Our products have a positive impact on the lives of countless care workers and care recipients Equity in a well-funded, high-growth company
- Work where you feel most engaged and productive with our SuperFlex working models, whether that be at home or in one of our beautiful offices
- Competitive compensation including equity in a growing, well-funded company
- Comprehensive group benefits program, including telemedicine, effective on your first day
- Employee expense program for health, wellness, lifestyle, productivity expenses and more!
- Parental leave top-up plan
- Flexible vacation policy
- Wellness Fridays throughout the summer months for extra time to unwind
- Paid Volunteer Time off Program
- Career growth and development opportunities
- An entrepreneurial culture of transparency, collaboration, and innovation
- We are recognized as Deloitte's Technology Fast 50TM program award for our rapid revenue growth, entrepreneurial spirit and bold innovation
If this sounds like the perfect job for you, apply today. As well as joining a great culture and a market-leading company, you will be part of a team making a positive difference in the post-acute care market. If this isn’t the job for you, you may know someone who is a perfect fit. Please feel free to share this opportunity.
If you want to explore AlayaCare further, please visit our website www.alayacare.com.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided