Title: Cloud Security Engineer I
Location: Midtown
Org Unit: IT Security
Work Days: Monday-Friday
Exemption Status: Exempt
Salary Range: $101,600.00 – $113,500.00
*As required under NYC Human Rights Law Int 1208-2018 – Salary range for this role when Hired for NYC Offices
Position Summary
This position involves all technical aspects of security and requires participation in project-oriented work. Works closely with other domain engineers and architects to help drive the innovation, evolution, and design of Weill Cornell Medicine’s enterprise cloud computing platforms. This position provides the opportunity to participate in multiple areas of IT cloud infrastructure by using risk analysis, industry knowledge, security standards, and other tools to develop and implement security solutions for our environment without diminishing productivity.
Job Responsibilities
- Assists architects and senior engineers to implement security and identity environments and ensure related controls run optimally and effectively.
- Identifies opportunities for efficiency improvements. Leads related efforts through automation and orchestration of repeatable tasks.
- Evangelizes security and secures practices while promoting and maintaining a favorable and positive work environment for yourself and others to assist in the overall mission of the medical college and hospital.
- Assists in event monitoring and incident response activities. Includes assisting in creation and execution of playbooks.
- Assists in developing and maintaining metrics and reports to provide senior management insight and evidence supporting effectiveness of security infrastructure, controls, projects, and processes.
- Responsible for innovative security work identifying, deploying, and integrating security, identity, and related technologies.
- Maintains an awareness of ever evolving cyber threats and continuously updates skillset as needed.
- Performs other related duties as assigned
Education
- Bachelor’s Degree in related field
Experience
Minimum Requirements:
- IT-related bachelor’s degree or three years of experience with security-related technologies.
- Three years of hands-on experience implementing and managing security controls according to best practices.
- Experience with one or more common scripting and/or programming languages (e.g., Python, PowerShell, Bash, Java, etc.)
- Experience configuring and analyzing logs from a variety of different systems and applications particularly as it relates to event monitoring and incident response activities.
- Knowledge of common networking and service protocols (e.g., TCP/IP, HTTPS, SSH).
Highly Desired Requirements:
- A passion for building cloud environments while taking a practical and balanced approach to security and privacy highly desired
- Extensive experience with infrastructure as code principles and tools such as Terraform highly desired
- Experience with multiple cloud technologies (SaaS, PaaS, IaaS) and making recommendations on their use and security highly desired
- Relevant information security or certifications e.g., (ISC)² CCSP or CISSP, or SANS/GIAC GCLD, GPCS, GCPN, or GCSA highly desired
- Experience with Information Technology processes at a health care or academic institution and knowledge of related regulatory requirements (e.g., HIPAA, FERPA, PCI, etc.) highly desired
- Comfortable working with technologies at all layers of the OSI model highly desired
Knowledge, Skills and Abilities
- Ability to think outside the box in terms of designing systems and solutions.
- Ability to deliver under tight deadlines.
- Ability to create and present documentation, diagrams, reports for technical and non-technical audiences.
- Ability to work with minimal supervision in a very demanding and high-pressure environment.
- A strong team player that desires to educate and help people of various backgrounds and skill levels.
- Familiarity with SharePoint, Box, Confluence, ServiceNow or similar documentation storage and management systems.
- Experience solving problems and making important decisions with minimal supervision.
- Excellent written and verbal communication skills on both technical and non-technical topics.
Licenses and Certifications
Working Conditions/Physical Demands
- Works off-hours as needed.
Weill Cornell Medicine is a comprehensive academic medical center that is committed to excellence in patient care, scientific discovery, and the education of future physicians and scientists in New York City and around the world. Our doctors and scientists – faculty from Weill Cornell Medical College, Weill Cornell Graduate School of Medical Sciences, and the Weill Cornell Physician Organization – are engaged in world-class clinical care and cutting-edge research that connect patients to the latest treatment innovations and prevention strategies. Located in the heart of the Upper East Side’s scientific corridor, Weill Cornell Medicine’s powerful network of collaborators extends to its parent university Cornell University; to Qatar, where an international campus offers a U.S. medical degree; and to programs in Tanzania, Haiti, Brazil, Austria and Turkey. Our medical practices serve communities throughout New York City, and our faculty provide comprehensive care at NewYork-Presbyterian Hospital/Weill Cornell Medical Center, NewYork-Presbyterian/Lower Manhattan Hospital, NewYork-Presbyterian Hospital/Brooklyn Methodist Hospital, NewYork-Presbyterian Hospital/Westchester Behavioral Health Center, and NewYork-Presbyterian/Queens. At Weill Cornell Medicine, we work together to treat each individual, not just their conditions or illnesses, as we strive to deliver the finest possible care for our patients – the center of everything we do. Weill Cornell Medicine is an Equal Employment Opportunity Employer. Weill Cornell Medicine provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status, or genetic information.
The Office of Career Strategy posts job listings for the convenience of students. The University does not endorse or recommend employers and a posting does not constitute an endorsement or recommendation. The University explicitly makes no representations or guarantees about job listings or the accuracy of the information provided by the employer. The University is not responsible for safety, wages, working conditions, or any other aspect of off-campus employment without limitation. It is the responsibility of students to perform due diligence in researching employers when applying for or accepting private, off-campus employment and to thoroughly research the facts and reputation of each organization to which they are applying. Students should be prudent and use common sense and caution when applying for or accepting any position. All concerns and issues related to job and/or internship opportunities, including those posted within the Yale Career Link, should be addressed promptly via email to the Office of Career Strategy.