Cloud Security Analyst
Panalgo's mission is to improve healthcare and access to therapies through innovative analytics. Our team has built a next-generation analytics platform, Instant Health Data (IHD), to bring researchers together to generate insights into market access, improving population health, quality of care, and managing costs. You’ll work with an interdisciplinary staff from outcomes research, informatics, epidemiology, medicine, and software development backgrounds to further the company’s mission of improving healthcare through innovative data analytics.
We are seeking a skilled and experienced Cloud Security Analyst to join our team. As a Cloud Security Analyst, you will play a crucial role in ensuring the security and compliance of our cloud infrastructure. Your expertise in Linux and Windows system administration, along with proficiency in various security technologies, will be essential to safeguarding our organization's assets and data against potential security threats and vulnerabilities.
- Design, implement, and maintain robust security measures for our cloud infrastructure, with a focus on Linux and Windows systems within an AWS environment
- Conduct comprehensive security assessments, vulnerability scans, and penetration tests using Nessus and other industry-leading tools to identify and remediate potential risks
- Monitor and analyze system logs, security event data, and network traffic using advanced SIEM solutions like Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), or QRadar to proactively detect and respond to security incidents, intrusions, and anomalies
- Develop and enforce security policies, standards, and procedures for cloud-based systems, ensuring compliance with industry regulations and frameworks such as HITRUST CSF, PCI DSS, and NIST SP 800-53
- Collaborate closely with cross-functional teams to implement and configure security controls and technologies, including next-generation firewalls (e.g., Palo Alto Networks, Fortinet), intrusion detection/prevention systems (e.g., OSSEC, Snort, Suricata), and secure web gateways (e.g., Zscaler, Cisco Umbrella)
- Perform in-depth security reviews and risk assessments of third-party vendors and cloud service providers, evaluating their adherence to security standards and conducting comprehensive audits
- Stay up to date with emerging cloud security trends, vulnerabilities, and advanced persistent threats (APTs) to proactively mitigate potential security risks
- Provide expert guidance and support to internal teams on secure cloud architecture, configuration, and deployment practices, leveraging AWS services such as AWS WAF, AWS CloudHSM, and AWS Secrets Manager
- Contribute to incident response activities, including investigating security breaches, applying forensic techniques, and collaborating with stakeholders to develop containment, recovery, and prevention strategies
- Drive the development and implementation of security awareness and training programs to promote a culture of security awareness and ensure all employees understand their roles and responsibilities in maintaining a secure cloud environment
- Proficiency in Linux and Windows system administration, including installation, configuration, and troubleshooting in cloud environments
- Strong understanding and practical experience in AWS cloud security services, including EC2, S3, IAM, VPC, CloudTrail, AWS Config, and AWS Security Hub
- Experience with vulnerability assessment tools such as Nessus, and proficiency in conducting penetration testing and vulnerability management activities
- In-depth knowledge of SIEM solutions like Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), or QRadar for log analysis, correlation, and threat detection
- Familiarity with network security technologies such as next-generation firewalls (Palo Alto Networks, Fortinet), intrusion detection/prevention systems (Snort, Suricata), and secure web gateways (Zscaler, Cisco Umbrella)
- Understanding or exposure to security compliance frameworks and standards such as HITRUST CSF, PCI DSS, HIPAA, ISO 27001, and NIST SP 800-53 and how it maps to real-world tooling
- Experience with encryption technologies, SSL/TLS protocols, secure network communication, and cryptographic concepts
- Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash for security-related tasks
- Excellent problem-solving skills and the ability to work effectively in a dynamic, fast-paced environment
- Strong written and verbal communication skills, with the ability to articulate complex security concepts to technical and non-technical stakeholders
- Experience with other cloud platforms such as Microsoft Azure or Google Cloud Platform or private clouds
- Knowledge of containerization technologies and security best practices (Docker, Kubernetes) and related tools like Twistlock or Aqua Security
- Familiarity with DevOps principles and integrating security into CI/CD pipelines using tools like Jenkins, GitLab, or Azure DevOps
- Certifications in relevant cloud security domains (e.g., AWS Certified Security Specialty, Certified Cloud Security Professional - CCSP)
Why be a Part of Panalgo:
- Leading healthcare data analytics/ big data company.
- Work on a team of talented engineers and analysts.
- Work to smooth patient access to critical therapies.
- Strong corporate culture.
- Great mentorship and professional growth opportunities.
- Remote / Hybrid work opportunities
The expected base salary for this position ranges from $150,000 to $250,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, licensure or certifications obtained. Market and organizational factors are also considered.
What we offer you:
- Medical and prescription drug benefits
- Health savings accounts or flexible spending accounts
- Dental plans and vision benefits
- Basic Life and AD&D Benefits
- 401k retirement plan
- Short and Long Term Disability
- Education benefits
- Paid parental leave
- Unlimited paid time off
Panalgo provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.