Design, review, and govern security architectures for cloud (AWS/Azure/GCP) and on‑prem infrastructure.
Ensure alignment with enterprise security standards, threat models, and regulatory requirements.
Provide security design guidance for new platforms, applications, and services.
Participate in architecture and design reviews to identify risks early and recommend mitigations.
Cloud & Infrastructure Security
Implement and manage cloud security controls including IAM, network security, data protection, logging, and monitoring.
Secure on‑prem environments including servers, networks, virtualization platforms, and hybrid integrations.
Support secure configuration baselines and hardening standards for cloud and on‑prem systems.
Vulnerability Management
Own and drive the vulnerability management lifecycle, including discovery, triage, risk scoring, remediation guidance, and verification.
Analyze scan results and penetration test findings to determine true risk and business impact.
Partner with engineering and infrastructure teams to prioritize remediation efforts.
Risk Analysis & Threat Modeling
Perform security risk assessments, threat modeling, and impact analysis for systems and services.
Translate technical findings into clear risk statements and actionable recommendations.
Support ongoing risk tracking and reporting for leadership and audit readiness.
Security Operations & Governance
Contribute to incident response investigations from a technical analysis perspective.
Support compliance initiatives (e.g., ISO, SOC, HIPAA, IEC 62304, NIST) by providing technical evidence and assessments.
Develop and maintain security standards, patterns, and reference architectures.
Required Qualifications
8-12 years of experience in cyber security engineering, with hands‑on expertise in both cloud and on‑prem environments.
Strong experience with cloud platforms (AWS, Azure, or GCP) and associated security services.
Proven background in security architecture, design reviews, and infrastructure security.
Hands‑on experience with vulnerability scanning tools, risk assessment methodologies, and remediation processes.
Solid understanding of network security, operating system security, and identity and access management.
Strong analytical and communication skills, with the ability to explain security risks to both technical and non‑technical stakeholders.
Requirements
Experience working in regulated environments (healthcare, medical devices, finance, or similar).
Familiarity with security frameworks and standards such as NIST, ISO 27001, CIS, OWASP.
Experience with container and Kubernetes security.
Security certifications such as CISSP, CCSP, CISM, or equivalent.
Experience supporting hybrid or large‑scale enterprise environments.
Job Description
Roles and Responsibilities
Security Architecture & Design
Design, review, and govern security architectures for cloud (AWS/Azure/GCP) and on‑prem infrastructure.
Ensure alignment with enterprise security standards, threat models, and regulatory requirements .
Provide security design guidance for new platforms, applications, and services.
Participate in architecture and design reviews to identify risks early and recommend mitigations.
Cloud & Infrastructure Security
Implement and manage cloud security controls including IAM, network security, data protection, logging, and monitoring.
Secure on‑prem environments including servers, networks, virtualization platforms, and hybrid integrations.
Support secure configuration baselines and hardening standards for cloud and on‑prem systems.
Vulnerability Management
Own and drive the vulnerability management lifecycle , including discovery, triage, risk scoring, remediation guidance, and verification.
Analyze scan results and penetration test findings to determine true risk and business impact.
Partner with engineering and infrastructure teams to prioritize remediation efforts.
Risk Analysis & Threat Modeling
Perform security risk assessments , threat modeling, and impact analysis for systems and services.
Translate technical findings into clear risk statements and actionable recommendations.
Support ongoing risk tracking and reporting for leadership and audit readiness.
Security Operations & Governance
Contribute to incident response investigations from a technical analysis perspective.
Support compliance initiatives (e.g., ISO, SOC, HIPAA, IEC 62304, NIST) by providing technical evidence and assessments.
Develop and maintain security stan
Benefits
Health insurance
Additional Information
Job Description Summary
We are seeking an experienced Senior Security Engineer to lead and execute security architecture, design, vulnerability management, and risk analysis across both cloud and on‑premises environments. This role is responsible for ensuring secure‑by‑design implementations, proactive risk identification, and continuous improvement of the enterprise security posture across platforms, infrastructure, and applications.
Gehc · Waukesha