Mindoula is a next-generation population health management company that identifies, engages, and supports individuals with complex behavioral health, physical health, and social determinants of health across the care continuum. Through technology-enabled teams of case managers, care managers, community health workers, peer supports, therapists, and psychiatrists, Mindoula delivers scalable, 24/7 support to high-needs populations and helps partners achieve value-based care goals.

The Cloud Security Engineer will be responsible for designing, implementing, and maintaining secure and scalable infrastructure across multi-cloud environments, primarily AWS and Azure. This role is crucial for ensuring continuous compliance with stringent regulatory frameworks, including HITRUST. The engineer will leverage Infrastructure as Code (IaC) principles using tools like Terraform, manage version control with Git, and utilize cloud security posture management (CSPM) tools such as Wiz to secure the cloud footprint. They will work closely with development, data, and IT teams to build automated, secure, and resilient cloud platforms that support the company's mission.

Beyond the keyboard, we are looking for a collaborative and empathetic problem solver who views security as a business enabler. You possess strong communication skills capable of bridging the gap between complex engineering concepts and executive business strategy. You demonstrate grace under pressure during incident response. A growth mindset and a passion for staying ahead of the rapidly evolving threat landscape are essential.

Essential Duties and Responsibilities:

• Design, deploy, and maintain secure infrastructure across AWS and Azure environments with high availability and disaster recovery capabilities
• Develop and maintain Infrastructure as Code using Terraform with GitOps workflows and automated CI/CD pipelines.
• Implement and maintain security controls meeting HIPAA, HITRUST, FERPA,PCI DSS, SOX requirements.
• Design comprehensive monitoring and alerting using Zabbix integrated with cloud-native tools, performing capacity planning and cost optimization
• Cloud IAM ownership
• Create automation scripts and configuration management using Ansible, Python, and Bash to streamline operations
• Lead incident response efforts and participate in 24/7 on-call rotation for critical infrastructure
• Develop and maintain clear, actionable runbooks, Standard Operating Procedures (SOPs), and architectural diagrams from complex security workflows.
• Ensure operational consistency and facilitate knowledge transfer across the team.
• Champion a 'fix it forever' mindset by identifying the underlying behavioral or procedural drivers behind security alerts and implementing preventative controls.
• Partner with development, data, and IT teams to architect solutions and provide technical mentorship
• Foster a collaborative security culture that prioritizes business continuity and velocity while ensuring robust risk mitigation.
• Support compliance audits with technical implementation, documentation, and evidence collection
• Demonstrate critical thinking and autonomy to solve novel security challenges in situations with incomplete information or shifting parameters.

Experience & Education

• Bachelor's degree in Computer Science, Information Technology, or related field (Additional experience in lieu of a formal degree is acceptable)
• 4-7 years of hands-on experience designing, securing and managing cloud infrastructure in AWS and Azure
• 4-7 years of hands-on experience managing, hardening, and maintaining Linux server environments.
• 3+ years of experience with Infrastructure as Code tools, particularly Terraform/Ansible
• Demonstrated experience in healthcare environments
• Bonus: Relevant Cloud or Security certifications (e.g., CISSP, CCSP, AWS Security Specialty)
• Bonus: Kubernetes / PostgreSQL / Ruby Experience

Location

This is a 100% remote position that must be located in the United States. Must be authorized to work in the United States; Mindoula is not able to provide employment sponsorship.

A Note to Candidates

We strongly encourage all qualified candidates to apply, even if you don't meet every requirement listed. Research indicates that many talented individuals, especially those from underrepresented backgrounds, often only apply if they meet 100% of the criteria.

We are seeking a Cloud Security Engineer who demonstrates grit, curiosity, and a strong security mindset. We value diverse paths into technology, including self-taught expertise, bootcamps, or military experience. If you believe you have the skills to excel in this role, we urge you to submit your application.