Cloud Security Engineer

At FedPoint we are committed to ensuring the security and integrity of our cloud environments. Our Information Security and Risk Management Department provides leadership in the development and maintenance of our Security Risk Governance Program, ensuring compliance with critical state and federal regulations while protecting the confidentiality, integrity, and availability of our information assets.

As part of this initiative, we are seeking an experienced Cloud Security Engineer to strengthen our cloud security posture and support our cloud security operations.

As a Cloud Security Engineer, you will play a key role in reducing cloud security risks by implementing best practices, security guardrails, and ensuring compliance with oversight agencies. You’ll collaborate with cross-functional teams to strengthen security controls, assist in threat modeling, recommend best practices, and improve cloud security configurations.

Key Responsibilities:

1. Cloud Security: (85%)
   • Guide cloud engineering teams on cloud security analysis, best practices, and security configurations.
   • Partner with engineering teams to establish security baselines and ensure adherence to security policies and standards.
   • Monitor and improve cloud-based security systems, including AWS and multi-tenant Azure environments.
   • Design, build, and maintain secure infrastructure patterns using Infrastructure as Code (IaC).
   • Develop and implement security monitoring processes and cloud security incident response playbooks.
   • Integrate security measures into CI/CD pipelines and DevSecOps practices.
   • Lead efforts to track and report compliance and risk status to external agencies.
2. Incident Response: (10%)
   • Lead and support incident response efforts for cloud security incidents.
   • Automate and improve threat detection and response capabilities.
   • Provide technical expertise to identify, analyze, and remediate cyber threats.
   • Collaborate with the Security Operations Center (SOC) and provide guidance on security alerts and incidents.
3. Continuous Improvement: (5%)
   • Seek feedback from stakeholders and support ongoing improvements in cloud security practices.

Qualifications:

• Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

• Experience:
  • 7 years in security roles related to government and regulatory requirements (e.g., FIPS, FEDRAMP, NIST, HIPAA, etc.).
  • 7 years working in cloud environments with at least 4 years of hands-on AWS security experience (e.g., GuardDuty, Security Hub, IAM, etc.).
  • Experience with DevSecOps, automated security tools, and Infrastructure as Code (Terraform, CloudFormation).
  • Solid understanding of IAM, CI/CD pipelines, and cloud security risk assessments.
  • Experience with MFA, Conditional Access Policies, and Identity Risk Policies.

• Certifications: At least one of the following:
  • AWS Certified Security Specialty
  • CCSP (Certified Cloud Security Professional)
  • CISSP (Certified Information Systems Security Professional)

Location: Portsmouth, NH - Hybrid Role

Schedule: Enjoy the perfect balance of in-office collaboration and remote work with a Hybrid schedule, plus the option to work from home a few days a week!

About FedPoint
FedPoint creates and operates digital benefits marketplaces that make it easy for our millions of federal and military customers to understand, select, and use their benefits. A subsidiary of John Hancock Life & Health Insurance Company, FedPoint was founded in 2002 and is headquartered in Portsmouth, NH. To learn more, visit fedpointusa.com.

Why Join Us?

At FedPoint, our mission is to create and deliver world-class benefits experiences for our customers, clients, and business partners.

We offer a dynamic work environment where innovation and collaboration are encouraged. You'll have the opportunity to make a significant impact while honing your skills and advancing your career.

In addition to working for a company with great people and an excellent reputation, what’s in it for you?

• Generous 401k plan: 100% match of employee's contribution, up to a maximum of 6% salary, vests immediately.
• Bonus Opportunity: Qualifying employees can earn up to 7% of their salary, based on company performance. (Inquire about eligibility with our recruiter)
• Lots of paid time off: 3 weeks’ vacation, 7 sick days, 3 personal days, and 12 paid holidays!
• Competitive benefits include health, dental, vision, disability, life, legal, flexible spending account (FSA) and Health Savings Account (HSA) options.
• 6 weeks fully-paid parental leave
• Tuition reimbursement program to support career goals.
• Corporate giving and matching gifts program.
• Volunteer program: Paid time off to volunteer and company-organized volunteering opportunities.
• A wide variety of personal, professional, and career development programs.
• Comprehensive wellness program offering a variety of resources and activities to help support your well-being in the following areas: career, financial, mental, emotional, physical, social and community.

All offers of employment with FedPoint are conditional upon satisfactory completion of a pre-employment background check.

FedPoint is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or protected veteran status and will not be discriminated against on the basis of disability. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an online application, please call (603) 433-4500. Equal Employment Opportunity (EEO) Poster Family and Medical Leave Act (FMLA) Poster Employee Polygraph Protection Act Poster