Cloud Security Engineer

At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues - caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.Position Summary

As a Cloud Security Engineer of GCP and AWS at CVS Health, you will be responsible for designing, implementing, and maintaining secure cloud environments across AWS and Google Cloud Platform. Your expertise will ensure our cloud operations remain robust against threats while aligning with industry standards. Experience with Microsoft Azure is considered an advantage. You will work collaboratively with cross-functional teams to integrate security throughout the cloud lifecycle. The Cloud Security Engineer will develop security blueprints and implement security automation tools for continuous monitoring and threat detection. The right candidate will also conduct regular risk assessments, vulnerability analyses, and threat modeling for cloud assets.As a Cloud Security Engineer, you will

• Design and deploy secure cloud infrastructures on AWS and GCP, applying industry-leading practices
• Integrate security controls and best practices inspired by the robust environments at Google and Facebook
• Ensure adherence to regulatory requirements (e.g., HIPAA, PCI-DSS) and CVS Health security policies.
• Lead incident response efforts, including forensic investigations and remediation processes
• Collaborate with cybersecurity teams to enforce robust security policies, manage access controls, and ensure compliance with healthcare regulations (e.g., HIPAA)
• Stay abreast of emerging trends in cloud security, leveraging insights from industry leaders like Google and Facebook to drive innovation
• Evaluate and implement new cloud security tools and frameworks to enhance our security posture
• Continuously improve processes and strategies to reduce risks and optimize performance

• 7+ years of experience in cloud security or a related field with hands-on experience in securing AWS and GCP environments
• 3+ years of experience with automation and Infrastructure as Code (IaC) tools (e.g., Terraform, AWS CloudFormation, Azure ARM, Pulumi, CDK)
• Scripting and programming skills (e.g., Python, Bash, Javascript, Go, Typescript) for automating security tasks
• Experience mentoring team members and fostering a culture of security awareness and proactive risk management
• Experience partnering with Developers, DevOps, Engineering, and IT teams to embed security into CI/CD pipelines and Infrastructure as Code (IaC) practices

• Familiarity with container security, CI/CD integration, and DevSecOps methodologies
• Proficiency in cloud security tools, network security, identity and access management, encryption, and compliance monitoring
• Experience with Azure is a bonus

• Bachelor's degree in computer science engineering, or a related field; Master's degree preferred

• Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.