Security Engineer at QGenda

AtlantaFull-timeDevelopmentPosted about 1 month ago

About the Role

<div class="content-intro"><h2>Who We Are</h2> QGenda is redefining healthcare workforce management everywhere care is delivered. We're on a mission to empower the healthcare industry to better onboarding, deploy, and manage their workforce. Over 4,500 healthcare organizations have trusted us to help them make strategic workforce decisions through our unified software platform. With more than 800 employees across the US, we are united in our vision and culture to make a difference for our customers, while enjoying the day-to-day.  At QGenda, we value our employees and their contributions toward the success of the business. We strive to create a dynamic work environment that fosters growth, innovation, and collaboration, where employees can be proud of the work they do and the impact it has on the healthcare industry.  QGenda is headquartered in Atlanta.  To learn more about QGenda, visit us at <a href="qgenda.com" target="_blank">qgenda.com</a> or follow us on <a href="https://www.instagram.com/qgendalife/" target="_blank">Instagram</a> or <a href="https://www.linkedin.com/company/qgenda/" target="_blank">LinkedIn</a>. </div><h2>About Your Role </h2> As a Mid-Level Security Engineer at QGenda, your primary responsibility will be to leverage your robust AWS security expertise to secure cloud-based applications, infrastructure, and customer data against evolving threats. You will collaborate closely with Product, Development, and Infrastructure Teams, integrating AWS security tools and processes into our SDLC while advancing the organization’s overall security posture. This role offers significant opportunities for professional development and direct impact on our evolving security environment. <h2>How You’ll Make an Impact  </h2> <ul> <li>Assist in the design, implementation, and management of AWS-native security solutions such as GuardDuty, SecurityHub, Inspector, and Config to secure our infrastructure and systems.</li> <li>Aid in automating and scaling security processes, integrating best practices and tools (e.g., SAST, DAST, SCA) into the Software Development Life Cycle (SDLC) through close collaboration with development teams.</li> <li>Lead vulnerability management, overseeing scanning, risk prioritization, and coordination of timely remediation efforts, including patching.</li> <li>Proactively implement security controls and governance for the safe and compliant adoption of generative AI and AI/ML technologies.</li> <li>Apply AWS Cloud security best practices to monitor, detect, respond, and mitigate risks effectively.</li> <li>Help Develop and maintain security policies, standards, and procedures aligned with frameworks like NIST, ISO 27001, and SOC 2.</li> <li>Support security audits and compliance efforts for regulatory requirements such as HIPAA, SOC 2, and FedRAMP.</li> <li>Offer security awareness training and guidance to staff, and clearly report security metrics to management.</li> </ul> <h2>Who You Are  </h2> <ul> <li>Extensive hands-on expertise with AWS security tools and concepts, including IAM, Key Management Service (KMS), AWS Organizations, and encryption techniques.</li> <li>Proven ability to design and deploy secure architectures in AWS, including multi-account structure configurations.</li> <li>Hands-on experience with DevSecOps practices and securing CI/CD pipelines, including SCA, SAST, and IaC tools.</li> <li>Proficiency in scripting and automation (Python, Bash, PowerShell Core) to drive efficiency and scalability in security operations.</li> <li>Expertise in vulnerability management, including hands-on experience with scanning tools (e.g., Nessus, Qualys) and a proactive approach to risk prioritization and remediation.</li> <li>Familiarity with Cloud Native Application Protection Platform (CNAPP) solutions (e.g., Wiz, Sysdig, Orca, Lacework).</li> <li>Knowledge of industry compliance standards and frameworks (e.g., NIST, ISO 27001, HIPAA, SOC 2) and their practical application.</li> <li>Ability to strategically leverage AI and ML tools to augment and enhance security workflows, ensuring a human-in-the-loop approach to maintain critical oversight and judgment.</li> <li>Demonstrated experience in incident response coupled with exceptional problem-solving and composure under pressure.</li> <li>Excellent communication and collaboration skills, vital for partnering with cross-functional teams and advocating for security best practices.</li> </ul> <h2>Experience You Bring  </h2> <ul> <li>Bachelor's degree from an accredited college or university or equivalent industry experience.</li> <li>1-4+ years of experience in security engineering, security operations, or related fields.</li> </ul> <h2>Not Required, But Nice to Have </h2> <ul> <li>Relevant certifications such as CySA+, CEH, OSCP, E|CDE, or AWS Security Specialty.</li> <li>Deep knowledge of container security (e.g., Docker, Kubernetes).</li> <li>Familiarity with: zero-trust architecture principles, OpenSSF, CNCF, MITRE ATT&CK, Threat Modeling, OWASP, CIS, CVSS, DLP, and IAM.</li> </ul> <div>   #LI-Hybrid </div><div class="content-conclusion">Applicants for this position must be authorized to work for any employer in the United States (U.S.), including being located in the US. We are unable to sponsor, take over sponsorship of, or hire candidates with an employment visa at this time.  <h2>What’s In It For You</h2> We offer a comprehensive total rewards package to support our full-time employees and their family’s day-to-day needs, well-being and major life events, which includes:  <ul> <li style="color: rgb(78, 77, 77);">Fully company-paid options for medical (both in-person and virtual), dental and vision insurance</li> <li style="color: rgb(78, 77, 77);">Generous paid time off (PTO) policy to enjoy periods of uninterrupted rest and relaxation for a healthy work/life balance</li> <li style="color: rgb(78, 77, 77);">Paid parental leave for birth, adoption or permanent placement </li> <li style="color: rgb(78, 77, 77);">401(k) with company match </li> <li style="color: rgb(78, 77, 77);">Options to work in a hybrid-working model or remotely from home, depending on the position</li> <li style="color: rgb(78, 77, 77);">Annual Costco membership, cell phone stipend, commuter benefits, in-office perks and more </li> </ul> QGenda delivers technology solutions to improve how healthcare is delivered and increase access — for everyone. We can only succeed by bringing together diverse minds, thoughts, ideas and team members to create better solutions for our customers and make us a better company as a whole. We are committed to creating a culture of embracing diversity, inclusion and equity for all.  QGenda is an Equal Employment Opportunity employer and makes all employment decisions without regard to race, color, religion, creed, gender, sex (including pregnancy), sexual orientation, gender identity or expression, natural origin, ancestry, age, marital status, disability or genetic information, military status, status as a disabled or protected veteran or any other protected status under applicable law.  If you require accommodations or assistance to complete the online application process, please contact <a style="color: rgb(78, 77, 77);" href="mailto:[email protected]">[email protected]</a> and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. We will respond to your email promptly. </div>

About the Role

About the Role

Related Roles

About the Role

Related Roles