Cloud Security Engineer

The mission of Washington Health Benefit Exchange (Exchange) is to radically improve how Washington residents secure health insurance through innovative and practical solutions, an easy-to-use customer experience, our values of integrity, respect, equity and transparency, and by providing undeniable value to the health care community.

The Exchange is a public-private partnership that operates Washington Healthplanfinder, the eligibility and enrollment portal used by one in four Washington residents to obtain health and dental coverage. Through this platform, and with support from a Customer Support Center and statewide network of in-person navigators and brokers, individuals and families can shop, compare and enroll in private, qualified health plans (as defined in the Affordable Care Act) or enroll in Washington Apple Health, the state Medicaid program.

The Exchange embraces the following equity statement adopted by our Board of Directors:

Equity is fundamental to the mission of the Washington Health Benefit Exchange. The process of advancing toward equity and becoming anti-racist is disruptive and demands vigilance to dismantle deeply entrenched systems of privilege and oppression. While systemic racism is a root cause of many societal inequities, we must also use an intersectional approach to address all forms of bias and oppression, which interact with and often exacerbate racial inequities.

To be successful, we must recognize the socioeconomic drivers of health and focus on people and places where needs are greatest. As we listen to community, we must hold ourselves accountable to responding to recommendations to remedy inequitable policies, systems, or practices within the Exchange's area of influence. Our goal is that all Washingtonians have full and equal access to opportunities, power and resources to achieve their full potential.

SUMMARY

The Cloud Security Engineer position supports the Cloud & Infrastructure Security Team in the implementation and ongoing maintenance of information security solutions across both on-premises and cloud environments. The role focuses on providing expert guidance in cloud and infrastructure security architecture, with a strong emphasis on Microsoft Azure and cloud-native environments. Key responsibilities include enforcing security controls and configuration standards across cloud and on-premise systems, participating in design reviews, and collaborating with Dev Ops and Infrastructure teams to embed security best practices throughout the software development lifecycle.

The position also involves evaluating emerging security technologies, maintaining comprehensive security architecture documentation, assessing the implementation of security controls, and managing vulnerability scanning processes to identify and mitigate potential risks.
• Serve as a subject matter expert in cloud and infrastructure security, providing guidance on Microsoft Azure and cloud-native architectures.

* Enforce secure architectural requirements, security controls, and configuration standards for current and new cloud and on-premise infrastructure in accordance with WAHBE security policies and regulatory requirements (e.g., CMS, IRS).

* Perform cross-functional Cloud & Infrastructure security design reviews to ensure solutions align with established security policies.

* Collaborate with Infrastructure and Dev Ops teams to embed security best practices throughout infrastructure-as-code, CI/CD pipelines, and the software development lifecycle, implementing automated controls, threat modeling, and monitoring.

* Evaluate and recommend new and emerging security products and technologies.

* Create and maintain security architecture documentation, including models, baselines, templates, and diagrams.

* Assess the effectiveness of implemented security controls, identify any gaps, and provide progress updates.

* Configure, schedule, and conduct vulnerability scans using enterprise tools to identify potential security weaknesses.

* Analyze and prioritize vulnerabilities based on risk and potential impact to WAHBE.

* Assess identified findings from scan reports and develop actionable recommendations and compensating controls to address and mitigate associated risks.

* Collaborate with Infrastructure and Operations teams to develop and implement remediation plans.

* Ensure robust and measurable Vulnerability Management practices within both cloud and on-premise environments

* Report on vulnerability trends and key areas for improvement.

* Maintain and optimize security tools and technologies including but not limited to firewalls, endpoint protection, and SIEM.

* Continuously monitor the cloud and on-premise environment for security events, anomalies, and potential threats, and conduct thorough investigations to identify root causes and impacts.

* Perform technical incident response efforts, including investigation, containment, and recovery from security breaches, and preparation of incident reports.

*…