Curi is a full-service advisory firm that serves physicians and medical practices. Equal parts fierce physician advocates, smart business leaders, and thoughtful partners, Curi's advisory, capital, and insurance offerings deliver valued advice that is grounded in client priorities and elevated by their outcomes. From data-driven advisory services to private wealth offerings, to tailored medical malpractice insurance solutions and beyond, we deliver performance that is time-tested and trusted-in medicine, business, and life.

We are seeking a highly skilled and experienced Cyber Security Engineer with a primary focus on AWS security to join our dynamic team. In this role, you will be responsible for designing, implementing, and managing security solutions to safeguard our cloud infrastructure on AWS. You will work closely with our security and engineering teams to ensure the security and compliance of our cloud environments (AWS, Azure and GCP).

KEY RESULT AREAS:

1. AWS Security Implementation
2. Infrastructure as Code (IaC) Integration
3. SIEM Monitoring and Incident Response
4. Educate and collaborate with various stakeholders

AWS Security Implementation

• Design, deploy, and maintain security solutions for AWS environments, including IAM policies, network security configurations, and monitoring systems.
• Conduct regular security assessments and audits of AWS resources, monitor environments using security tools, and respond to security incidents promptly to mitigate risks.
• Stay current on AWS and other cloud security features and best practices and provide recommendations for enhancing the security posture of our infrastructure.
• Document security configurations, policies, and procedures related to AWS environments and contribute to developing security standards and guidelines.

Infrastructure as Code (IaC) Integration

• Implement security best practices using IaC tools like Terraform to ensure consistent and automated security configurations across all AWS environments.

SIEM Monitoring and Incident Response

• Monitor events in the SIEM tool and respond to phishing incidents to protect the organization's assets and data.
• Set up, configure, and conduct vulnerability management with our SIEM (Rapid 7) and coordinate remediation efforts to address vulnerabilities.
• Participate in security assessments and penetration testing activities.

Educate and collaborate with various stakeholders

• Collaborate with different teams to integrate security into the software development lifecycle (SDLC) and automate security controls in the CI/CD pipeline.
• Conduct security onboarding for new team members, ensuring they are aware of security policies and best practices.

• Strong understanding of AWS services and features such as IAM, VPC, CloudTrail, and AWS Config.
• Experience with Infrastructure as Code (IaC) tools such as Terraform and version control systems like GitHub.
• Excellent analytical and problem-solving skills, with the ability to assess complex security issues and propose effective solutions.
• Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams.

• 3-5 years working in Cyber Security.
• Bachelor's Degree in a related business or technical discipline or the equivalent combination of education, technical training, or work/military experience in lieu of a degree.
• AWS certifications (e.g., AWS Certified Security - Specialty) are required.
• CCSP (Certified Cloud Security Professional) certification is preferred.