Security Engineer
Job Summary
Job Description
The Security Analyst/Engineer will be responsible for designing, implementing, and maintaining security controls, responding to security incidents, and ensuring compliance with industry standards. This role focuses on Azure cloud infrastructure, requiring hands-on experience with Azure security tools and configurations, and a strong understanding of threat detection and incident response. The candidate will collaborate with cross-functional teams to enhance the organization's security posture, acting as a technical security interface. Key responsibilities include cloud security architecture and implementation, collaboration with teams, threat detection and incident response, compliance, governance, and vulnerability management.
Must have:
- Experience in information security with a focus on administering Azure Cloud
- Strong understanding of Azure security tools
Good to have:
- Experience with AWS and GCP security control design and implementation
- Proficient in scripting or automation using PowerShell, Python, and Bash
- Knowledge of security frameworks and standards
- Experience with container security tools and serverless security
- Strong understanding of IAM, network security, encryption, and monitoring in cloud platforms
- Experience with SIEM and XDR platforms for threat detection and response
- Professional certifications
15 skills required
Job Details
WebMD is the most recognized and trusted brand of health information and the leading provider of health information services, serving consumers, physicians, healthcare professionals, employers and health plans through our public and private online portals and WebMD the Magazine. The WebMD Health Network includes WebMD, Medscape, MedicineNet, eMedicine, RxList, theheart.org and Medscape Education. Our consumer portals and mobile health applications provide engaging, relevant and credible health and wellness information, personalized health assessment tools and access to online communities.
WebMD is an Equal Opportunity/Affirmative Action employer and does not discriminate on the basis of race, ancestry, color, religion, sex, gender, age, marital status, sexual orientation, gender identity, national origin, medical condition, disability, veterans status, or any other basis protected by law.
WebMD is an Equal Opportunity/Affirmative Action employer and does not discriminate on the basis of race, ancestry, color, religion, sex, gender, age, marital status, sexual orientation, gender identity, national origin, medical condition, disability, veterans status, or any other basis protected by law.
Summary:
We are seeking a highly skilled Security Analyst/Engineer with Cloud Security experience to join our Information Security team. The ideal candidate will have a strong understanding of security principles, network security, and cloud security, as well as experience with modern security tools and frameworks is required.
This role will focus on designing, implementing, and maintaining security controls, responding to security incidents, and ensuring compliance with industry standards and best practices with a particular focus on Azure cloud infrastructure. Hands-on experience with Azure security tools and configurations, and a strong understanding of threat detection and incident response in these environments is a must. The candidate will collaborate with cross-functional teams to strengthen the organization\u2019s overall security posture.
Key Responsibilities:
Cloud Security Architecture & Implementation:
● Design and implement security controls for cloud-based infrastructure in Azure.
● Configure and manage cloud-native security tools in Azure Defender.
● Act as technical security interface between WebMD Ignite, customer and partner engineering teams
● Apply secure coding practices and infrastructure as code (IaC) for automated security deployment.
● Help define and enforce Identity and Access Management (IAM) policies and roles.
● Monitor and audit secure networking practices, including VPCs, subnets, and firewalls in cloud environments.
Collaboration & Security Awareness:
● Act as technical security interface with customer and partner engineering teams.
● Collaborate with cross-functional teams to ensure information security best practices.
● Work with development and infrastructure teams to integrate security into the CI/CD pipeline.
● Provide security guidance to DevOps teams on secure coding practices and infrastructure hardening.
● Act as a subject matter expert on cloud security for internal stakeholders.
Threat Detection & Incident Response:
● Monitor cloud environments for security threats and suspicious activity using SIEM platforms (e.g., Splunk, Azure Sentinel, Google Chronicle).
● Collaborate with SOC and security operations teams to escalate and remediate incidents.
● Support investigations and response to security incidents, including cloud-based breaches, unauthorized access, and misconfigurations.
● Support root cause analysis and implement corrective actions to prevent future incidents.
Compliance & Governance:
● Ensure cloud security configurations align with industry standards (e.g., SOC 2, HITRUST, CIS Benchmarks, NIST, HIPAA, PCI).
● Support internal and external audits by providing evidence of cloud security controls and configurations.
● Develop and enforce cloud security policies and guidelines across business units.
● Implement encryption, data loss prevention (DLP), and key management solutions in cloud environments.
Vulnerability Management:
● Conduct vulnerability scans and penetration tests of cloud infrastructure and applications.
● Track and prioritize remediation efforts for identified cloud security vulnerabilities.
● Collaborate with development and infrastructure teams to fix misconfigurations and weaknesses.
● Automate vulnerability detection and patching where possible.
Required Qualifications:
● 3–5 years of experience in information security with a focus on Administering Azure Cloud.
● Strong understanding of Azure security tools.
○ Hands-on experience with Azure AD, RBAC, Network Security Groups (NSGs), and Azure Firewall.
● Bachelor\u2019s degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent work experience).
Preferred Qualifications:
● AWS and GCP security control design and implementation experience a plus.
● Proficient in scripting or automation using PowerShell, Python, and Bash.
● Knowledge of security frameworks and standards including HIPAA, PCI, NIST, CIS Benchmarks.
● Experience with container security tools (e.g., Kubernetes, Docker, EKS, AKS, GKE) and serverless security.
● Strong understanding of IAM, network security, encryption, and monitoring in cloud platforms.
● Experience with SIEM and XDR platforms for threat detection and response.
● Professional certifications such as Microsoft Certified: Security Operations Analyst Associate, Microsoft Certified: Azure Security Engineer Associate, or CISSP.
● Experience securing hybrid cloud and multi-cloud environments.
● Familiarity with DevSecOps practices and infrastructure as code (IaC) tools like Terraform or Bicep.
● Professional certifications such as:
○ Certified Cloud Security Professional (CCSP)
○ AWS Certified Security – Specialty
○ Microsoft Certified: Azure Security Engineer Associate
○ Google Professional Cloud Security Engineer
○ CISSP
● Experience with multi-cloud and hybrid cloud security.
● Understanding of DevSecOps principles and secure CI/CD pipelines.
● Experience with SIEM and XDR platforms for threat detection and response.
Key Competencies:
● Strong analytical and problem-solving skills
● Effective communication and collaboration across teams
● Ability to work independently and manage multiple projects simultaneously
● Proactive mindset with a strong focus on continuous improvement
Similar Jobs
WebMD
Yardley, Pennsylvania, United States (Hybrid)
• 1 Month ago
Opendoor
Kraków, Lesser Poland Voivodeship, Poland (Hybrid)
• 1 Month ago
Varonis
London, England, United Kingdom (On-Site)
• 2 Months ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Bengaluru, Karnataka, India (On-Site)
• 2 Months ago
Scale AI
San Francisco, California, United States (On-Site)
• 2 Months ago
bytedance
Dubai, Dubai, United Arab Emirates (On-Site)
• 4 Months ago
Get notifed when new similar jobs are uploaded
Jobs in Madison, Wisconsin, United States
bytedance
San Jose, California, United States (On-Site)
• 4 Months ago
Qualcomm
San Diego, California, United States (On-Site)
• 1 Month ago
Apple
San Diego, California, United States (On-Site)
• 4 Weeks ago
Adobe
Lehi, Utah, United States (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
.png%3F1725396992&w=256&q=50)
Sunnyvale, California, United States (On-Site)
• 7 Months ago
Dassault Systèmes
Vélizy-Villacoublay, Île-de-France, France (On-Site)
• 3 Years ago
Site Core
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 1 Month ago
Nasdaq
Vilnius, Vilnius County, Lithuania (Hybrid)
• 2 Months ago
Nice
Southampton, England, United Kingdom (Hybrid)
• 2 Weeks ago
Get notifed when new similar jobs are uploaded
About The Company
The WebMD Health Network includes WebMD, Medscape, MedicineNet, eMedicine, RxList, WebMDRx, Medscape Education, Frontline Medical Communications, MedSims, MediQuality, QxMD, Vitals.com, Jobson Healthcare, and WebMD Magazine. WebMD and our network of sites and mobile applications for consumers help them take an active role in managing their own health and wellness. Medscape and our network of sites and mobile applications for healthcare professionals help them improve their clinical knowledge and practice of medicine. In addition, WebMD Health Services provides customizable health and wellness solutions for employers and health plans that help them improve the health of their employee and plan participant populations.
Get notified when new jobs are added by WebMD
