Job Title

Hi All,We are looking for Cloud security Engineer in Healthcare domain.Experience- 6-8 yearsLocation- Thiruvananthapuram, Bangalore, Chennai, Pune, Gurgeon.please share the resume to praveena.madankumar@JD:The ideal candidate will possess strong analytical skills, solid understanding of healthcare data protection requirements and the ability to collaborate effectively with technical and business stakeholders across distributed teams.Responsibilities Primary duties may include, but are not limited to:• Conducts security reviews for applications integrating with the organization, including SaaS platforms and API-based solutions.• Evaluates vendor-provided security controls and documentation to ensure alignment with enterprise security and compliance requirements.• Reviews data flow, PHI usage and integration patterns to validate adherence to healthcare security standards.• Supports implementation and maintenance of security frameworks such as NIST, SOC 2 Type 2 and HITRUST (experience with HITRUST preferred).• Participates in governance, risk, and compliance activities including documenting controls, tracking remediation and preparing artifacts for audits.• Performs initial triage of security exception requests and routes them appropriately based on technical complexity and risk.• Conducts research and analysis of third-party applications to determine suitability, data protection posture and potential model training or data-use concerns.• Assesses endpoint-level security requirements and ensures solutions meet baseline security expectations.• Coordinates with internal teams to launch, conduct and manage security awareness and training.• Develops documentation, assessment reports and communication materials for technical and non-technical stakeholders.• May provide guidance to project teams and act as a subject-matter resource for application and vendor security assessments.Requirements• Bachelor’s degree in Information Security, Computer Science, or a related field; minimum of 5 years of security engineering, application security, or GRC experience.• CISSP certification is required.• Experience conducting security assessments for SaaS, API and third-party integrations.• Strong understanding of PHI handling requirements and healthcare data protection expectations.• Familiarity with security frameworks such as NIST, SOC 2 Type 2 and HITRUST.• Experience supporting governance, risk, and compliance functions.• Ability to analyze technical controls at an appropriate level without requiring deep engineering specialization.• Experience reviewing exception requests, vendor assessments or third-party risk evaluations.• Strong written and verbal communication skills, including the ability to create clear documentation and communicate risk effectively.• Comfortable working independently in an offshore model while collaborating closely with US based teams.• Proficiency with productivity tools such as MS Word, MS Excel, and standard security assessment templates or platforms.ThanksPraveenaPraveena.Madankumar@