Capital Rx

Capital Rx provides comprehensive health benefit management and transparent pharmacy benefit management solutions, integrating various healthcare services to support millions of plan members across diverse sectors.

Health Care Providers & Services
251-1K
Founded 2017

Description

  • Lead and scale a high-performing cloud security engineering function with a culture of ownership and continuous improvement.
  • Own execution of the cloud security roadmap across FedRAMP readiness, zero trust architecture, cloud hardening, security automation, and continuous control validation.
  • Define and evolve cloud security strategy aligned to business growth, regulatory obligations, platform resilience, and AI initiatives.
  • Advise the CISO, engineering leaders, and executive stakeholders on secure-by-design decisions and modern security practices.
  • Design, implement, and continuously improve security controls across AWS infrastructure, platforms, applications, and supporting services.
  • Identify, prioritize, and remediate security risks across cloud services, infrastructure as code, third-party integrations, developer workflows, and enterprise platforms.
  • Build cloud security capabilities to support compliance with FedRAMP, FISMA, SOC 2, HITRUST, HIPAA, and related requirements.
  • Drive threat detection, incident response readiness, vulnerability management, penetration testing, and security validation efforts.
  • Advance automation for security monitoring, alerting, evidence collection, and policy enforcement to support scalable continuous compliance.
  • Partner with engineering, platform, DevOps, IT, AI, compliance, legal, privacy, and risk teams to embed security into architecture, SDLC, and AI-enabled capabilities.
  • Lead technical engagement for third-party assessments, customer security reviews, and external audits.
  • Establish security metrics and reporting for cloud posture, control effectiveness, and roadmap progress.
  • Define and operationalize a security framework for AI initiatives, including governance, data protection, access controls, and secure adoption practices.

Requirements

  • 10+ years of experience in cloud security, information security, or a related field, including 5+ years in leadership roles.
  • Proven experience leading cloud security or security engineering programs with team leadership, roadmap execution, and cross-functional influence.
  • Deep expertise in AWS security architecture, cloud-native security controls, and securing scalable SaaS environments.
  • Strong technical depth in at least one modern programming or scripting language.
  • Hands-on experience securing infrastructure as code and cloud deployment pipelines, including Terraform and CI/CD environments.
  • Experience with security tooling and operational disciplines such as SIEM, cloud security posture management, vulnerability management, detection engineering, and incident response.
  • Experience supporting regulated or audited environments, including technical control implementation, evidence management, and external assessment readiness.
  • Experience partnering with engineering or product teams to define security guardrails and governance for emerging technologies, including AI-enabled initiatives.
  • Strong understanding of identity and access management, least privilege, authentication, privileged access, and zero trust principles.
  • Excellent communication and stakeholder management skills with the ability to translate complex security priorities into practical outcomes.
  • Ability to operate effectively in a fast-paced, high-growth environment while balancing strategy and hands-on execution.
  • Industry certifications such as CISSP, CCSP, AWS Security Specialty, or similar are preferred.
  • Familiarity with AI and ML security concepts, including governance, model access, data protection, and third-party AI risk is preferred.
  • Experience in healthcare, health tech, or another highly regulated industry is preferred.
  • Knowledge of container and orchestration security, including Kubernetes or EKS, is preferred.
  • Experience with policy-as-code or automated compliance validation in cloud environments is preferred.

Benefits

  • Remote, US salary range of $184,000 to $240,000 USD.
  • Opportunity to work on a mission-driven healthcare technology platform.
  • Flexible position description that allows duties and responsibilities to be reassigned as needed.
  • Equal employment opportunity and a workplace that values diversity and inclusion.
  • Privacy practices and future-position data retention details are disclosed for transparency.
