• Coordinate the deployment, configuration, testing, monitoring, and ongoing maintenance of security technologies, including SIEM, EDR, DLP, WAF, CASB, Secure Web Gateway, URL filtering, email security, and application/vulnerability scanning platforms. • Lead small-to-medium-sized security initiatives from requirements gathering through design, testing, pilot execution, and implementation. • Support proof-of-concept evaluations and product assessments to ensure proposed solutions align with security strategy, standards, and industry best practices. • Act as a service or tool owner by identifying enhancements, maintaining operational runbooks, and recommending improvements for tools under your responsibility. • Develop and maintain procedures, workflows, architecture diagrams, and operational playbooks that support security monitoring and engineering activities. • Investigate and triage security events using technologies such as SIEM, EDR, DLP, WAF, CASB, Secure Web Gateway, and email security solutions. • Detect, respond to, and support investigations of security incidents while documenting root-cause analysis and lessons learned. • Follow established incident response procedures and playbooks, escalating critical findings appropriately and efficiently. • Apply analytical and adversarial thinking to identify, protect, detect, respond to, and recover from common cyber threats and attack vectors. • Perform and support secure baseline reviews, infrastructure scanning, endpoint scanning, application vulnerability assessments, penetration testing validation, and AI red-teaming exercises. • Review vulnerability findings for accuracy and completeness while partnering with stakeholders to prioritize remediation efforts based on risk. • Escalate critical vulnerabilities, zero-day threats, and high-priority risks while supporting rapid mitigation efforts. • Contribute to continuous improvements in vulnerability management workflows through automation and the integration of security testing into CI/CD pipelines. • Conduct security risk assessments for internal initiatives, product enhancements, vendors, and productivity tools. • Perform STRIDE-based threat modeling for internal projects and AI-enabled solutions, producing actionable recommendations and clear risk reports. • Apply a risk-based approach to evaluating Agentic AI technologies and AI-related security risks. • Conduct vendor risk assessments within OneTrust and support broader third-party risk management activities. • Identify opportunities to strengthen controls, improve processes, and enhance security outcomes across teams. • Stay informed on emerging threats, technologies, and industry best practices, sharing relevant insights with colleagues and stakeholders.

Role Description Monitor our security dashboards, triage findings, and plan and implement remediation steps end to end. - Proactively shape our infrastructure architecture and configuration with security and compliance front of mind. - Implement infrastructure changes hands-on, applying DevOps practices across infrastructure-as-code, CI/CD, and cloud configuration. - Keep track of emerging threats, CVEs, and advisories, and drive timely mitigation across our systems. - Partner with engineering teams to embed security into the development lifecycle rather than bolting it on. - Help us meet and maintain compliance requirements relevant to healthcare data. Qualifications - Solid experience in a DevOps, SRE, or cloud security role, with hands-on infrastructure work. - Strong knowledge of AWS, containerized workloads (Docker, Kubernetes), and infrastructure-as-code (Terraform). - Hands-on experience with cloud security posture management tooling. - A working understanding of vulnerability management and how to prioritize and remediate threats in practice. - Familiarity with security and compliance frameworks (e.g., SOC 2, ISO 27001, GDPR; healthcare-specific frameworks a plus). - Comfortable building and maintaining CI/CD pipelines. - A proactive, ownership-driven mindset and the ability to communicate risk clearly to engineers and stakeholders. - Proven experience in collaboration with AI tools like Codex or Claude Code. - English working proficiency. Benefits - Exciting start-up atmosphere. Gone are the days in which you wait for approvals for months. - Make our disruptive product even better. Change how healthcare functions. - Work with state-of-the-art technology. No legacy code. No technological debt. All green fields. - Your workplace—your choice. Office? Great! Home? Sure! Mars? Not sure about the Internet there, but why not. - Flexible working hours. No downtime. High degree of autonomy. - The team. Collaborative. Fun. True professionals. A real team. - Remote work opportunity. Company Description We are growing and excited to meet you to join us on our mission. Let's revolutionize health care together!

Role Description You will lead and oversee the organization’s Cloud Security team, enforcing the security architecture, policies, and controls that safeguard our organization’s cloud platforms. This role blends technical depth, leadership, and strategic planning to protect cloud workloads from evolving threats and contributes to strategic security decisions. During a Typical Day, You’ll: - Direct and manage the Cloud Security team, ensuring effective staffing, training, and operational efficiency. - Oversee Cloud Posture and Vulnerability Management for enterprise and client cloud environments. - Ensure continuous monitoring and finding resolution of cloud infrastructure (AWS, Azure, GCP) findings out of CSPM/CNAAP tooling. - Define, track, and report on KPIs for cloud posture and vulnerability management. - Identify, assess, and govern mitigation of cloud-related risks through continuous monitoring and threat modeling. - Ensure adherence to frameworks such as SOC2, FedRamp, ISO 27001, NIST, PCI DSS, and HIPAA. - Verify security controls are implemented and functioning as designed. - Manage cloud security tools (CSPM, CWPP, CNAAP) and integrate them into operational workflows. - Act as the alternate escalation point for critical security issues, making decisions to ensure business continuity. - Mentor cloud security engineers and analysts to drive a culture of security awareness. - Collaborate with cloud providers, internal teams, and external auditors. Qualifications - 10+ years of progressive technology experience, including 5+ years in a security leadership role. - Bachelor’s degree in computer science, IT, or related field. - Cloud certifications such as CCSP, AWS Security Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer. - 7+ years of experience in cybersecurity, with at least 3 years focused on cloud security. - Strong understanding of network security, encryption, IAM, and DevSecOps practices. - Hands-on experience with AWS, Azure, or GCP security services. - Proven ability to translate complex technical risks into clear, business-focused language for senior leadership. Benefits - Supportive of your career and professional development. - An inclusive culture and community-minded organization where giving back is encouraged. - A global team of curious lifelong learners guided by our company values. - Ask us about our paid time off (PTO) and wellness and healthcare benefits. - A great compensation package and performance bonus opportunities. - Benefits you'd expect and maybe a few that would pleasantly surprise you (like tuition reimbursement).

• Create, manage, and respond to security incidents and conduct analysis in accordance with existing processes and company security policies • Installation, configuration, and administration of information security tools • Troubleshoot and resolve technical issues related to security tools and security processes • Coordinate with third-party vendors • Assist with internal and external audits associated with regulatory and compliance requirements • Provide formal notification to Information Security leadership when changes are planned that may impact the approved security posture of NICE CX or the associated certification and accreditation • Review and recommend improvements to information security processes • Ensure regular housekeeping activities are performed to maintain system integrity and monitoring