Cyber Security Engineer AWS

About us :We are a US Based Venture backed Digital Health Company. We enable Health Care Providers (HCP) to capture true Virtual Care Opportunities beyond Telehealth. We enable HCP to provide Proactive and Continuous Care and add new Recurring monthly revenue streams without any upfront cost. With our unique distribution and business model, we are seeing fast acceptance and great adaptation with our target customers.We have built unique and Industrys first Integrated Hardware, Cloud & AI Technologies based Virtual care Platforms for HCP Market. We provide an excellent opportunity to Innovate and work on cutting-edge product technologies in a very fast-moving dynamic and empowered environment.Role Overview :We are looking for a hands-on Cybersecurity Engineer who will proactively identify, assess, and remediate security vulnerabilities across our technology stack including application code, third-party libraries, databases, network infrastructure, and cloud/on-premises environments. This is not a policy-only role; you will be expected to get into the code, configurations, and systems to find and fix issues directly.Perform code reviews, static/dynamic analysis (SAST/DAST), and dependency scanning to detect and fix vulnerabilities in application code and open-source libraries (e.g., Database Security : Audit database configurations, access controls, encryption at rest/in transit,and query patterns to prevent SQL injection, privilege escalation, and data leakage.- Network Security : Assess and harden network architectures firewalls, VPNs, segmentation,IDS/IPS, DNS, and zero-trust configurations. Conduct penetration testing at the network layer.- Environment & Infrastructure Security : Review and secure cloud (AWS/Azure/GCP) and on premises environments, including IAM policies, container security (Docker/Kubernetes), CI/CD pipelines, and infrastructure-as-code templates (Terraform, CloudFormation).- Incident Response : Investigate security incidents, perform root cause analysis, and implement corrective actions.- Ensure adherence to relevant cybersecurity frameworks and regulations, and support audit and certification processes.- Partner with engineering, DevOps, and platform teams to embed security into the SDLC (shift-left security).Required Qualifications :- 10+ years of hands-on experience in cybersecurity engineering, application security, or infrastructure security.- Demonstrable ability to read, review, and fix code in at least two of : Python, Java, Go, JavaScript/TypeScript, C/C++.- Experience with vulnerability scanning and management tools (e.g., Hands-on experience securing relational and NoSQL databases (PostgreSQL, MySQL, MongoDB, etc.).- Strong understanding of network protocols (TCP/IP, TLS, DNS, and network security tooling (Wireshark, nmap, Suricata).- Proficiency in securing cloud environments (AWS, Azure, or GCP) including IAM, security groups, VPC design, and cloud-native security services.- Working knowledge of container and orchestration security (Docker, Kubernetes, service mesh).OWASP (Top 10, ASVS, SAMM)- NIST Cybersecurity Framework (CSF) / NIST 800-53- ISO 27001 / 27002- SOC 2 Type II- PCI DSS- GDPR / CCPA (data protection and privacy) (ref:hirist.