Lead Security Engineer

At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care.

One mission. One team. That's OneStudyTeam.

By joining our team, as a Lead Security Engineer, you will be a technical leader responsible for ensuring the security of modern web applications, cloud infrastructure, and corporate environments. You will collaborate with technical advisors, software engineers, and security teams to assess and enhance security across AWS, Azure, Kubernetes, and CI/CD pipelines.

This role requires hands-on expertise in cloud security, security automation, incident response, and vulnerability management. You will work closely with both technical and non-technical stakeholders, helping design, implement, and scale security solutions across our environment.

What You'll Be Working On:

• Cloud Security Leadership: Provide technical expertise (not managerial oversight) to a security engineering team focused on AWS and Azure environments.
• Security Architecture & Hardening: Design, implement, and enhance security controls for cloud services, microservices, Kubernetes, and infrastructure-as-code (Terraform).
• Incident Response & Threat Detection: Act as a technical leader in security incidents, analyzing and mitigating threats in AWS, Azure, and corporate environments.
• Security Automation: Develop and automate security monitoring, detection, and response capabilities using Python, Terraform, and cloud-native tools.
• Risk & Compliance Alignment: Support ISO 27001 audits and customer security assessments, ensuring compliance with industry frameworks (HIPAA, HITRUST, NIST CSF).
• Vulnerability Management: Identify, assess, and remediate security vulnerabilities across cloud workloads, web applications, and internal systems.
• Security Tools Selection & Integration: Evaluate, design, and configure security solutions to enhance monitoring, compliance, and risk mitigation.
• Will ensure that technical solutions are aligned with the budget and meet company objectives.
• Cross-Team Collaboration: Act as a technical security expert for engineering, DevOps, and compliance teams, helping them adopt security best practices.
  
  

What You Bring to OneStudyTeam:

• Required Qualifications:
• 10+ years of hands-on experience in technical security engineering.
• 2+ years of experience in a Security leadership role.
• 2+ years of experience with Azure Security.
• 7+ years of experience securing AWS and/or Azure environments.
• Expertise in Python scripting for security automation.
• Deep knowledge of cloud security architectures, IAM, network security, and encryption best practices.
• Strong Kubernetes security experience, including securing containers, microservices, and CI/CD pipelines.
• Proficiency with SIEM tools (Microsoft Sentinel, CrowdStrike SIEM, or equivalent).
• Incident response and vulnerability management expertise, including web application security.
• Relevant security certifications (e.g., AWS Security Specialty, Azure Security Engineer, CISSP, OSCP, GIAC).
• Familiarity with OWASP Top 10 vulnerabilities, exploitation techniques, and mitigation strategies.
• Preferred Qualifications:
• Experience with CrowdStrike Falcon, CSPM, or similar security platforms.
• Hands-on experience with Infrastructure as Code (Terraform, CloudFormation, Ansible) for security automation.
• Familiarity with Zero Trust Security principles and cloud-native security architectures.
• Experience with compliance frameworks such as ISO 27001, HIPAA, HITRUST, and NIST CSF.
  
  

We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status.

Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization.

As a condition of employment, you will abide by all organizational security and privacy policies.

This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).