Role Description We are seeking a highly motivated and detail-oriented Cloud Security Engineer to help secure and strengthen our cloud infrastructure across multiple environments and platforms. This role is ideal for professionals passionate about cybersecurity, cloud architecture, risk mitigation, and implementing modern cloud security best practices. You will work closely with infrastructure, development, and IT teams to identify vulnerabilities, improve security posture, and ensure compliance with industry standards and cloud security frameworks. Key Responsibilities - Analyze, recommend, and implement security controls for cloud infrastructure - Strengthen security across cloud-based systems and services - Apply industry best practices and security standards in cloud environments - Review and validate network protocols, communication security, and existing security controls - Perform vulnerability assessments and identify security gaps across cloud infrastructure - Support remediation efforts for vulnerabilities, findings, and security risks - Implement secure configurations and hardening practices for cloud systems - Participate actively in cloud security initiatives and infrastructure projects - Evaluate and improve the organization's cloud security posture - Generate security reports, vulnerability assessments, and compliance documentation - Support external clients with cloud security recommendations and implementations Qualifications - Bachelor’s Degree in: Information Technology, Systems Engineering, Information Systems Administration, Related technical field - 3+ years of experience in: - Cloud Security - Cloud Infrastructure Administration - Cloud Platform Engineering - Strong knowledge of: - AWS, Azure, Google Cloud Platform (GCP) - Linux and Microsoft Operating Systems - Networking, Switching & Routing - Vulnerability Management - Security Hardening - Risk Analysis & Security Controls - Encryption Technologies - PCI, NIST, CIS Standards - Basic to intermediate programming knowledge - English proficiency: 80–95% Nice to Have - Cloud Security Certifications - AWS / Azure / GCP Certifications - Experience supporting enterprise cloud environments - Knowledge of DevSecOps practices - Experience with database security and infrastructure design Benefits - 100% Remote Contractor Position - US Holidays - 15 PTO Days - Annual Pluralsight Membership - Company-Provided Computer - Monthly Payments via Deel Company Description This is an exciting opportunity to work on modern cloud security initiatives, protect enterprise-level infrastructure, and collaborate with global teams in a fast-paced and security-focused environment.

• Your primary role is to perform penetration testing of web applications, mobile applications, thick clients, and APIs. • Source code review and whitebox penetration testing to prove the impact of application flaws. • Reverse engineering of mobile and thick client applications. • You sometimes chain application flaws to other areas, such as cloud and on-prem AD infrastructure. • Opportunities for lateral movement into the infrastructure teams are limited and given at the manager's discretion. • Develop detailed reports on findings and remediations for impactful findings. • You will learn to debrief these findings at both a technical and executive level. • Perform SAST and DAST on enterprise, SaaS, and custom in-house applications. • Experience in using scanners and knowledge of validation and elimination of false positives. • A strong understanding of OWASP in Web, API, Mobile, and AI/LLM is necessary, but you will be asked to go beyond.

Role Description The IT Cloud Engineer - Security provides the vision, strategy, functionality, and technology solutions for creating and maintaining security systems and solutions for both public and private cloud infrastructure-based solutions. This position collaborates with the Information Technology teams to lead the organization toward the deployment of technologies which focus on the trust, risk, and security management of the company environment. - Enforces and integrates security solutions, tools, and appropriate controls to align to security policies, standards, and procedures. - Stays current with leading security technologies, standards, and best practices as well as cyber threat landscape and evolving mitigation approaches and techniques. - Acts as a high-level escalation tier for operational support in assigned technical areas. - Conducts proof-of-concept testing in a lab environment. - Creates, updates, and maintains supporting documentation for technology standards. - Designs and deploys security solutions to support and ensure alignment with business requirements. - Works with technology vendors and technical subject matter experts (SME) to produce corporate standards with regards to assigned technology areas. - Collaborates and/or leads engineering solutions, integrating multiple systems and/or technologies. - Consistently demonstrates high standards of integrity by supporting the Lifetime Healthcare Companies’ mission and values. - Maintains high regard for member privacy in accordance with the corporate privacy policies and procedures. - Regular and reliable attendance is expected and required. - Performs other functions as assigned by management. Qualifications - Level I: Four (4) years of related experience. - Associates degree in Computer Science, Information Technology, or related field. In lieu of degree, three (3) years of related work experience required. Bachelor’s degree preferred. - Intermediate knowledge of security, compliance, and audit policies/procedures. - Basic experience with research, design, and implementation in assigned technologies. - Basic infrastructure operations and infrastructure project delivery experience essential. - Basic scripting and automation experience. - Advanced communication skills. - Intermediate understanding of cloud computing infrastructure and concepts. - Intermediate knowledge of securing cloud and/or on-premises systems. - Intermediate ability to engineer and integrate new security designs. - Demonstrates intermediate knowledge of a minimum of two (2) concepts and/or tools listed below: - Encryption, PKI, Network and application security, and related firewalls (Palo Alto Networks, Imperva, Azure, AWS, etc.) - Identity management (AD, Entra ID, conditional access, MFA, SSO, etc.) - Virus detection and endpoint security (Defender preferred) - Vulnerability scanner and pen testing tools (e.g., Rapid 7, Nessus, Nexpose, Metasploit, Appscan, Burp suite, Ida Pro etc.) - IDS/IPS and related tools - Comprehensive Cloud security platform (Palo Alto Prisma) - Security logging and monitoring (SIEM e.g., ArcSight, Splunk, SolarWinds LEM, Azure Sentinel, AWS Guard Duty, etc.) - Common web application security vulnerabilities (e.g., OWASP) - Application security - Security architecture principles/concepts (i.e., Zero Trust) Requirements - Level II (in addition to Level I responsibilities): - Acts as a primary engineer for assigned technology areas maintaining highly performant and optimized infrastructure environment. - Researches technologies and performs analysis that significantly contributes to budget and expenditures for assigned technology areas. - Collaborates and participates in the development and execution of enterprise strategy in the assigned technology area. - Assists in the RFI/RFP process. - Level III (in addition to Level II responsibilities): - Research and recommend solution designs. - Establishes business justifications for purchases made within assigned technology areas. - Significant contributor to automation workflows and focuses on automation for job-related tasks. - Performs system analysis and capacity planning of security assets. - Assists with mentoring of Level I and II Engineers. - Level IV (in addition to Level III responsibilities): - Acts as trusted advisor to the management team. - Emphasizes technology cost optimization when designing new solutions. - Leads business critical projects efforts for IT infrastructure. - Leads internal strategic efforts, collaborates, and mentors peers. Benefits - Participation in group health and/or dental insurance. - Retirement plan. - Wellness program. - Paid time away from work. - Paid holidays. Compensation Range(s) - Level I - Min 79,068 Max 142,322 - Level II - Min 87,766 Max 157,978 - Level III - Min 98,297 Max 176,935 - Level IV - Min 110,093 Max 198,168 Physical Requirements - Ability to travel across the Health Plan service region for meetings and/or trainings as needed. - Ability to work in a home office for continuous periods of time for business continuity. - Ability to provide on-call rotation support.

Role Description This role requires practical, hands-on AI fluency. The ideal candidate is comfortable operating directly within the product development lifecycle—understanding how modern AI systems and agents behave, improve over time, and fail—and applying that understanding to product security decisions, acceptance criteria, and release readiness while owning and evolving broader product security strategy, governance, and risk management practices across the organization. - Own and evolve major components of the Product Security strategy, translating product and business risk into actionable, measurable security programs with clear success metrics. - Lead Secure-by-Design initiatives across product teams, embedding security requirements early in product and feature design, and defining secure design patterns, reference architectures, and guardrails that scale. - Lead security architecture reviews, secure code reviews, threat modeling, and application penetration testing, with a focus on systemic risk reduction across a broad range of products. - Establish and own security best practices for AI-enabled product features, model integration, and AI service architectures, including data handling, model access, and inference workflows. - Lead AI-specific threat modeling addressing misuse, data leakage, supply-chain exposure, and abuse scenarios; define security controls and governance requirements specific to AI features and services. - Evaluate the security implications of new AI technologies, tools, and models prior to adoption; embed responsible AI principles—traceability, privacy, bias awareness, transparency, and auditability—into product security decisions. - Drive consistency in how product and AI risks are assessed, documented, tracked, and accepted across the organization. - Serve as advisor to product and engineering on security risk, architectural trade-offs, and risk acceptance decisions. - Mentor and provide technical leadership to other Product Security engineers and serve as an escalation point for complex security decisions. Qualifications - 5+ years of experience in the security domain, including applying security controls to cloud-based technologies and implementing Product Security frameworks such as OWASP, CIS Benchmarks, and Cloud Security Alliance (CSA). - Proven track record of establishing security controls and governance requirements for AI-enabled features, including data handling, model access, and inference workflows. - Hands-on experience with AI product development security, including partnering with engineering and subject matter experts on model evaluation, tuning, and training. - Ability to define evaluation criteria for AI systems and interpret results to inform security requirements and release readiness decisions. - Experience with cloud governance principles and Product Security tooling, including SAST and DAST. - Demonstrated ability to lead threat modeling, secure code reviews, and application penetration testing for complex, cross-cutting security issues. - Demonstrated expertise in defining and scaling secure design patterns, reference architectures, and security guardrails across multiple product teams. - Technical acumen to experiment directly with AI tools and prototypes in support of faster product security validation. Requirements - Bachelor's degree in computer science or a related field; equivalent combination of education, training, and relevant professional experience accepted in lieu of a formal degree. - Experience with DevSecOps practices, zero trust design principles, and cloud incident response. - Experience contributing to the automation of security analysis and testing activities. - Track record of mentoring and providing technical leadership to security engineering teams. Other Qualifications - Communicate with Clarity - Be clear, concise and actionable. Be relentlessly constructive. Seek and provide meaningful feedback. - Act with Urgency - Adopt an agile mentality - frequent iterations, improved speed, resilience. 80/20 rule – better is the enemy of done. Don’t spend hours when minutes are enough. - Work with Purpose - Exhibit a “We Can” mindset. Results outweigh effort. Everyone understands how their role contributes. Set aside personal objectives for team results. - Drive to Decision - Cut the swirl with defined deadlines and decision points. Be clear on individual accountability and decision authority. Guided by a commitment to and accountability for customer outcomes. - Own the Outcome - Defined milestones, commitments and intended results. Assess your work in context, if you’re unsure, ask. Demonstrate unwavering support for decisions. Pay Transparency Statement Base pay offered to new hires may vary based upon factors including relevant industry and job-related skills and experience, geographic location, and business needs. The range displayed does not encompass the full potential of the role, which allows for further growth and career progression. In addition, as a part of our total compensation package, this role may be eligible for the Vertex Bonus Plan (VOB), a role-specific sales commission/bonus, and/or equity grants.