Global Healthcare Exchange (GHX) is looking for a Cybersecurity Engineer to join our team. This hands-on role focuses on building, automating, and securing our cloud-based SaaS infrastructure and products.
What You'll Do
- Champion security throughout the software development lifecycle (SDLC). Conduct threat modeling, perform code analysis (SAST), and integrate security tools into CI/CD pipelines.
- Collaborate with DevOps to enhance and maintain the security of our cloud environment (AWS, Azure, GCP). Strengthen security controls across infrastructure, platforms, and services.
- Develop and deploy automation scripts, tools, and workflows to streamline security operations, including incident response, threat hunting, and compliance checks.
- Proactively identify and mitigate security weaknesses by conducting dynamic application security testing (DAST), infrastructure vulnerability scanning, and coordinating penetration tests.
- Implement and fine-tune security monitoring tools (SIEM, CSPM) to detect and alert on security incidents. Develop and maintain automated incident response playbooks.
What We're Looking For
- Bachelor's or Master's degree in Information Security, Computer Science, or a related field, or equivalent professional experience.
- 2+ years of hands-on experience in cybersecurity, with a deep focus on application security, cloud security, and secure software development.
- Knowledge of web application vulnerabilities (OWASP Top 10) and secure coding practices.
- Hands-on experience with security tools such as SAST, DAST, IAST, and CSPM.
- Proven experience securing cloud platforms (AWS, Azure, or GCP) and their native security services.
- Proficiency in one or more programming/scripting languages (e.g., Python, Go, Java, JavaScript).
- Experience implementing and auditing technical controls for security frameworks such as SOC 2, NIST, and ISO 27001.
- Strong analytical and problem-solving skills, with the ability to communicate complex technical concepts to a variety of audiences.
Nice to Have
- Relevant security certifications are a strong plus (e.g., CCSK, CCSP, CSSLP, GWAPT, or cloud-specific security certs).
Technical Stack
- Cloud: AWS, Azure, GCP
- Languages: Python, Go, Java, JavaScript
- Security Tools: SAST, DAST, IAST, CSPM, SIEM
Benefits & Compensation
- Salary: $100,000 - $150,000
- Competitive health benefits
- Matched 401k and pension plans
- PTO
- Generous parental leave
- Gym subsidies
- Educational reimbursements for career development
- Recognition programs
- Pet-friendly offices (US only)
Work Mode
This is a remote position open to candidates within the United States.
Octus is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, pregnancy, veteran status, or any other legally protected status.
