Cloud Security Engineer - Evinova

Job Title: Cloud Security Engineer Evinova
Location: Gaithersburg MD

At AstraZeneca we pride ourselves on crafting a collaborative culture that champions knowledge-sharing ambitious thinking and innovation ultimately providing employees with the opportunity to work across teams functions and even the globe.

Recognizing the importance of individualized flexibility our ways of working allow employees to balance personal and work commitments while ensuring we continue to create a strong culture of collaboration and teamwork by engaging face-to-face in our offices 3 days a week. Our head is purposely designed with collaboration in mind providing space where teams can come together to strategize brainstorm and connect on key projects.

Are you ready to be part of the future of healthcare Can you think big be bold and harness the power of digital and AI to tackle longstanding life sciences challenges Then Evinova a global health tech business might be for you!

Transform patients lives through technology data and innovative ways of working. Youre disruptive decisive and transformative. Someone excited to use technology to improve patients health. Were building a new Health-tech business Evinova a fully-owned subsidiary of AstraZeneca Group.

Evinova delivers market-leading digital health solutions that are science-based evidence-led and human experience-driven. Thoughtful risks and quick decisions come together to accelerate innovation across the life sciences sector. Be part of a diverse team that pushes the boundaries of science by digitally empowering a deeper understanding of the patients were helping. Launch pioneering digital solutions that improve the patients experience and deliver better health outcomes. Together we have the opportunity to combine deep scientific expertise with digital and artificial intelligence to serve the wider healthcare community and create new standards across the sector.

Introduction to Role:

The Cloud Security Engineer role at Evinova is a unique opportunity to join a global team of skilled cybersecurity professionals using next generation technologies to advance our cybersecurity risk management program on a global scale. This role operates at the intersection of Cloud Security Engineering and Cybersecurity Compliance - ensuring that our cloud environments are secure by default compliant with regulatory requirements and aligned to industry leading practices. Success in this role requires an analytical and threat-informed approach attention to detail and execution precision. This role will collaboratemulti-functionallyy across each cyber domain product engineering squads and business partners.

In this hands-on position youll dive deep into AWS native services designing hardened architectures building compliance driven guardrails in code partnering with DevOps Platform Operations to keep our platform secure and audit ready. The ideal candidate excels at distilling cybersecurity concepts into clear and concise advisory tailored for non-cyber audiences and ultimately contributing to an increased cyber literacy across Evinova. Reporting directly to the Head of Cloud Security Architecture and with near daily interactions with the Head of Cybersecurity this role provides continuous professional development opportunities through leadership visibility and exposure to strategic decision making.

Accountabilities:

Platform Security Engineering

• Design and harden AWS Native Infrastructure such as VPC IAM KMS EKS to meet the Evinova Cyber Baseline and CIS/NIST benchmarks
• Perform cloud security posture risk reviews by using our Cloud Security Posture Management (CSPM) tool CI/CD pipeline scanners and other cloud-centric vulnerability detection solutions
• Collaborate with DevOps and engineering teams to embed compliance checks into the CI/CD pipeline enabling proactive identification and resolution of compliance issues
• Coordinate vulnerability remediation efforts with the Platform Operations Team to ensure security relevant issues are addressed in a timely manner and in compliance with internal policies / risk metrics
• Support the Head of Cloud Security Architecture with evaluating cybersecurity risks related to our AWS Infrastructure Kubernetes workloads serverless functions and Infrastructure-as-Code (IaC) deployments
• Conduct research and information gathering to enrich risk exception responses and advising technical teams on mitigation strategies and leading practices
• Collaborate with the Platform Engineering teams to provide cybersecurity risk advisory on proposed architectural changes new platform features / services and third-party integrations to ensure alignment with secure design principles and our internal controls requirements
• Integrate Compliance-as-Code practices to automate compliance checks and ensuring alignment with all relevant regulatory requirements
• Implement continuous compliance strategies to maintain alignment to SOC2 and ISO 27001 standards reducing the risk of non-compliance and timely detection of compliance drift

Cybersecurity Risk and Compliance:

• Advise the Head of Cybersecurity by identifying new areas of focus and emerging risks that should be considered as part of our annual cyber strategy development and roadmap planning
• Participate in continuous improvement initiatives to enhance Evinovas cyber risk management methodology tooling decisions and workflows
• Partner with the Platform Engineering and Operations Teams to evaluate and monitor the effectiveness of technical and administrative controls (e.g. Vulnerability Management Log Source Ingestion)
• Perform technical risk and compliance assessments over our cloud infrastructure using structured methodologies aligned to SOC2 ISO 27001 NIST CSF and other industry relevant standards and regulations
• Maintain and enhance our Cybersecurity Risk Register by documenting newly identified risks updates to remediation efforts and following up on approved risk exceptions
• Contribute to the development and delivery of training on cybersecurity fundamentals / standard processes and emerging threat advisories

Audit Response and Evidence Analysis (External Audit Support):

• Collaborate with the Cyber GRC Leader and Head of Cybersecurity to provide timely and accurate responses to external audit and customer inquiries (e.g. SOC2 ISO 27001 Customer Qualifications)
• Perform periodic refreshes of our control evidences (i.e. proofs) to ensure continued validity and optimal audit response activities (e.g. collection organization and auditor submission)

Essential Skills/Experience:

• Bachelors degree or equivilent expereince in computer science business administration or a similar relevant area of study
• 5 years of hands-on experience in Cybersecurity specifically in the areas of Cloud Security and / or Platform Engineering
• Basic understanding of Amazon Web Services (AWS) services and core cloud security concepts (e.g. IAM encryption networking serverless container security)
• Knowledge of common Cloud Security and Web Application Security risks (e.g. OWASP Top 10)
• Familiarity with relevant information security frameworks and compliance standards specifically NIST CSF ISO 27001 SOC2 or CIS Controls. Experience with China MLPS is a strong plus not but required
• Strong written and verbal communication skills with the ability to eloquently draft risk statements rationales and mitigation strategies for both technical and non-technical audiences
• Experience working with / contributing to cybersecurity risk registers controls assessments and compliance tooling
• Hands on experience with cybersecurity remediation activities and controls implementation
• Ability to work independently in a fast-paced environment with a proven ability to manage competing priorities
• Excellent written and verbal communication skills project management process improvement attention to detail and critical thinking skills are highly preferred

Desirable Skills/Experience:

• Prior experience providing cloud / platform security capabilities at a SaaS/cloud service provider
• Familiarity with Life Sciences / Clinical Development related regulations and standards is a strong plus
• Experience in ensuring compliance within a highly regulated sophisticated global business environment particularly in the healthcare and/or clinical research industry
• Strong scripting experience in Python Go or Bash for guardrail automation and integrating security solutions.
• Prior experience using Wiz Splunk GitHub and other leading cybersecurity / engineering tools is a strong plus.
• Experience securing AWS native services such as EKS API Gateways cloud native cryptography and workload isolation strategies.
• A global perspective on privacy security and data protection issues and trends with experience in Asia-Pacific data privacy and protection regulations being a strong plus
• At least one of the following professional certifications: AWS Certified Solutions Architect AWS Certified Security Specialty Certified Kubernetes Administrator/Security (CKA/CKS) Certified Cloud Security Professional (CCSP) and / or Certified Information Systems Security Professional (CISSP)
• Demonstrated initiative and strong customer orientation with an ability to work effectively across cultures

Where can I find out more

• Learn more about Evinova
• Our Social Media Follow AstraZeneca on LinkedIn AstraZeneca on Facebook AstraZeneca on Instagram US Footprint: Powering Scientific Innovation - YouTube

Why Evinova

Evinova is a global health tech business separate company part of the AstraZeneca group. Together we can accelerate the delivery of life-changing medicines improve the design and delivery of clinical trials for better patient experiences and outcomes and think more holistically about patient care before during and after treatment. We know that regulators healthcare professionals and care teams at clinical trial sites do not want a fragmented approach. They do not want a future where every pharmaceutical company provides its own different digital solutions. They want solutions that work across the sector simplify their workload and benefit patients broadly. By bringing our solutions to the wider life sciences community we can help build more unified approaches to how we all develop and deploy digital technologies better serving our teams physicians and ultimately patients. Evinova represents a unique opportunity to deliver meaningful outcomes with digital and AI to serve the wider healthcare community and create new standards for the sector. Join us on our journey of building a new kind of health tech business to reset expectations of what a bio-pharmaceutical company can be. This means were opening new ways to work pioneering cutting-edge methods and bringing unexpected teams together. Interested Come and join our journey.

Total Rewards:

The annual base pay for this position ranges from $126906.40to $190359.60.Hourly and salaried non-exempt employees will also be paid overtime pay when working qualifying overtime pay offered may vary depending on multiple individualized factors including market location job-related knowledge skills and experience. In addition our positions offer a short-term incentive bonus opportunity; eligibility to participate in our equity-based long-term incentive program (salaried roles)to receive a retirement contribution (hourly roles) and commission payment eligibility (sales roles). Benefits offered included a qualified retirement program 401(k) plan; paid vacation and holidays; paid leaves; and health benefits including medical prescription drug dental and vision coverage in accordance with the terms and conditions of the applicable plans. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired employee will be in an at-will position and the Company reserves the right to modify base pay(as well as any other discretionary payment or compensation program) at any time including for reasons related to individual performance Company or individual department/team performance and market factors.

AstraZenecais an equal opportunity employer that is committed to diversity and inclusion and providing a workplace that is free from discrimination. AstraZeneca is committed to accommodating persons with disabilities. Such accommodation is available on request in respect of all aspects of the recruitment assessment and selection process and may be requested by emailing.

#LI-Hybrid

Date Posted