Cloud Security Engineer | Tomorrow Health | Remote (United States)
Posted 2025-09-08
Remote, USA
Full Time
Immediate Start
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">ABOUT TOMORROW HEALTH</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Tomorrow Health enables exceptional healthcare for patients and their families in the place they want to be most — home. At Tomorrow Heath, we build technology that rewires the way home-based care is ordered, delivered, and paid for. Tomorrow Health connects patients, providers, health plans, and home-based care suppliers, to ensure patients receive the correct and timely care they need to remain healthy at home.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">We believe that a team’s strength is in its people. Our goal is to raise the industry standard for patient experience, and we realize this cannot be achieved without a team that reflects the vast diversity in race, ethnicity, gender, sexuality, and set of experiences and perspectives of the patients we serve. We believe in putting patients first, that many perspectives are stronger than one, and in treating those we serve just as we would our own family members. If you’re passionate about improving healthcare delivery, leveraging technology to serve people, and working in a collaborative, diverse environment, we hope you’ll join us.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">THE TEAM</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">The Technology team at Tomorrow Health builds the software and technologies that connect and scale the home health ecosystem in order to transform the home into the preferred place of care for positive patient outcomes. Our products serve a diverse set of users – doctors, insurance companies, medical equipment suppliers, and care coordinators – and ultimately enable us to deliver a higher quality patient experience. Our team of mission-driven technologists is highly collaborative, supportive, empathetic, curious, and impact-oriented. We are dedicated to leveraging data-driven insights to enable a faster, simpler, and more transparent process for patients and healthcare partners.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">THE ROLE</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">This is a contract role for 6-9 months.</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Tomorrow Health is committed to ensuring the highest standards of security and compliance. As we continue to build our security and compliance program, we are seeking a talented and experienced Cloud Security Engineer to join our team on a contract basis. This role will be instrumental in implementing and maintaining security controls to achieve and maintain SOC 2 Type 2 compliance. In addition, they will partner with our Engineering team to integrate security practices into our DevOps processes, ensuring robust security controls are in place to protect our systems and data</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">In this role, you will:</p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Design and implement security controls and processes to meet SOC 2 Type 2 requirements. Partnering with the Engineering team, you will:<!-- -->
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement code scanning and network vulnerability scanning solutions.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement security monitoring, logging, and alerting systems.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement and manage our Web Application Firewall</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Integrate security tools and practices into the CI/CD pipeline.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Review our infrastructure and network security, make recommendations for enhancements, and lead the implementation of those changes.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ensure encryption and key management practices are adhered to across all systems and data.</span></li>
</ul>
<p></span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">In addition, you will:<!-- -->
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Develop documentation for security policies, procedures, and controls.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Collaborate with development and operations teams to embed security practices throughout the software development lifecycle, and provide training and guidance to team members on secure coding practices.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Assist with audits and assessments related to SOC 2 Type 2 compliance.</span></li>
</ul>
<p></span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">ABOUT YOU</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">5+ years of experience in a DevSecOps, Cloud Security or similar role.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of HIPPA, SOC 2 Type 2, HITRUST, or ISO 27001 requirements, and experience implementing controls to meet these standards.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Deep understanding of AWS cloud platform infrastructure, and securing environments on AWS</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with infrastructure as code (Terraform, Pulumi, etc.) and containerization (Docker, Kubernetes, etc.). <em>Strong preference for Terraform experience.</em></span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong knowledge of CI/CD tools (CircleCI, Github Actions, GitLab CI, etc.) and integrating security into these pipelines.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with security tools such as SAST, DAST, SIEM, and vulnerability scanners.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong communication and collaboration skills.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Current with emerging security trends, threats, and technologies.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><em>Preferred Qualifications:</em></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with security tools such as SAST, DAST, SIEM, and vulnerability scanners.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Certifications such as CISSP, CISM, CEH, or similar.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with automated compliance frameworks (Vanta, Drata) and tools.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with security incident response and forensics.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Pay rate for this position: $50 to $70/hour, depending on experience and qualifications</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Learn more about our core values and working with us on our <a href="https://home.tomorrowhealth.com/careers" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">careers</a> page!</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Tomorrow Health is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Tomorrow Health enables exceptional healthcare for patients and their families in the place they want to be most — home. At Tomorrow Heath, we build technology that rewires the way home-based care is ordered, delivered, and paid for. Tomorrow Health connects patients, providers, health plans, and home-based care suppliers, to ensure patients receive the correct and timely care they need to remain healthy at home.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">We believe that a team’s strength is in its people. Our goal is to raise the industry standard for patient experience, and we realize this cannot be achieved without a team that reflects the vast diversity in race, ethnicity, gender, sexuality, and set of experiences and perspectives of the patients we serve. We believe in putting patients first, that many perspectives are stronger than one, and in treating those we serve just as we would our own family members. If you’re passionate about improving healthcare delivery, leveraging technology to serve people, and working in a collaborative, diverse environment, we hope you’ll join us.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">THE TEAM</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">The Technology team at Tomorrow Health builds the software and technologies that connect and scale the home health ecosystem in order to transform the home into the preferred place of care for positive patient outcomes. Our products serve a diverse set of users – doctors, insurance companies, medical equipment suppliers, and care coordinators – and ultimately enable us to deliver a higher quality patient experience. Our team of mission-driven technologists is highly collaborative, supportive, empathetic, curious, and impact-oriented. We are dedicated to leveraging data-driven insights to enable a faster, simpler, and more transparent process for patients and healthcare partners.</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">THE ROLE</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">This is a contract role for 6-9 months.</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Tomorrow Health is committed to ensuring the highest standards of security and compliance. As we continue to build our security and compliance program, we are seeking a talented and experienced Cloud Security Engineer to join our team on a contract basis. This role will be instrumental in implementing and maintaining security controls to achieve and maintain SOC 2 Type 2 compliance. In addition, they will partner with our Engineering team to integrate security practices into our DevOps processes, ensuring robust security controls are in place to protect our systems and data</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">In this role, you will:</p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Design and implement security controls and processes to meet SOC 2 Type 2 requirements. Partnering with the Engineering team, you will:<!-- -->
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement code scanning and network vulnerability scanning solutions.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement security monitoring, logging, and alerting systems.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Implement and manage our Web Application Firewall</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Integrate security tools and practices into the CI/CD pipeline.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Review our infrastructure and network security, make recommendations for enhancements, and lead the implementation of those changes.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ensure encryption and key management practices are adhered to across all systems and data.</span></li>
</ul>
<p></span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">In addition, you will:<!-- -->
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Develop documentation for security policies, procedures, and controls.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Collaborate with development and operations teams to embed security practices throughout the software development lifecycle, and provide training and guidance to team members on secure coding practices.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Assist with audits and assessments related to SOC 2 Type 2 compliance.</span></li>
</ul>
<p></span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><strong class=" font-semibold">ABOUT YOU</strong></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">5+ years of experience in a DevSecOps, Cloud Security or similar role.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of HIPPA, SOC 2 Type 2, HITRUST, or ISO 27001 requirements, and experience implementing controls to meet these standards.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Deep understanding of AWS cloud platform infrastructure, and securing environments on AWS</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with infrastructure as code (Terraform, Pulumi, etc.) and containerization (Docker, Kubernetes, etc.). <em>Strong preference for Terraform experience.</em></span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong knowledge of CI/CD tools (CircleCI, Github Actions, GitLab CI, etc.) and integrating security into these pipelines.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with security tools such as SAST, DAST, SIEM, and vulnerability scanners.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong communication and collaboration skills.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Current with emerging security trends, threats, and technologies.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><em>Preferred Qualifications:</em></p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proficiency with security tools such as SAST, DAST, SIEM, and vulnerability scanners.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Certifications such as CISSP, CISM, CEH, or similar.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with automated compliance frameworks (Vanta, Drata) and tools.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience with security incident response and forensics.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Pay rate for this position: $50 to $70/hour, depending on experience and qualifications</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Learn more about our core values and working with us on our <a href="https://home.tomorrowhealth.com/careers" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">careers</a> page!</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Tomorrow Health is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law.</p>