Security Engineer at Healthmark Group – Remote

COMPANY OVERVIEW: HealthMark Group is a leading provider of health IT solutions for healthcare providers across the country. By leveraging technology to reimagine the business of healthcare, HealthMark transforms administrative processes into seamless digital solutions. From HealthMark’ s proprietary MedRelease platform for Release of Information, the company is pioneering an efficient, compliant, and patient-centric approach to support the entire spectrum of the patient information journey. HealthMark Group was founded in 2006 with corporate headquarters in Dallas, TX, and has been named to both the Dallas 100 and the Inc. 5000 for multiple years in a row as one of the fastest-growing companies in the region and the country.

We are a mid‑sized company in a transformation phase: modernizing legacy systems, building new products, and automating workflows that used to require rooms full of people. If you want to build things that matter (not just maintain them), this is a good time to join.

Position: Security Engineer – Cloud & Infrastructure Security

Location: Remote

Role Overview:

The Security Engineer is a member of the Security and IT Operations team with a strong emphasis on cloud security, AWS architecture, and Infrastructure-as-Code (IaC). This role is responsible for protecting sensitive health information in a highly regulated environment and embedding security controls directly into cloud-native infrastructure using automation-first practices.

Primary Roles and Responsibilities:

• Design, implement, and maintain AWS-focused cloud security architecture aligned with HIPAA, NIST, and HITRUST.
• Secure AWS environments using IAM, Organizations, CloudTrail, Config, GuardDuty, Security Hub, KMS, and network security controls.
• Build, review, and maintain Infrastructure-as-Code using Terraform, ensuring security controls are versioned, auditable, and enforced by default.
• Develop secure Terraform modules, guardrails, and policy-as-code to prevent misconfiguration and drift.
• Partner with Development and CloudOps teams to implement DevSecOps practices, including CI/CD pipeline security and IaC scanning.
• Establish and manage identity and access standards across AWS and Microsoft Entra.
• Support SOC 2 Type II, HITRUST, HIPAA, and PCI audits with a focus on cloud control evidence.
• Monitor cloud environments, triage security events, and respond to incidents in partnership with the MSP.
• Maintain documentation related to cloud security architecture, IaC standards, and incident response.
• Provide security mentorship and cloud security expertise across the organization.

Required Experience and Qualifications:

• Bachelor’s degree in Computer Science, Engineering, or equivalent experience.
• 3+ years of hands-on security engineering experience with strong AWS focus.
• Hands-on experience with Terraform and Infrastructure-as-Code workflows.
• Experience securing AWS workloads including compute, storage, and networking.
• Experience with Microsoft Entra, Active Directory, and AWS IAM.
• Experience with HIPAA, NIST, SOC 2, and HITRUST security controls.
• Experience integrating security into CI/CD pipelines and DevSecOps workflows.
• Strong knowledge of Windows operating systems and networking concepts.

Additional Preferred Experience:

• Experience with Azure or GCP.
• Experience with cloud security posture management and IaC scanning tools.
• Knowledge of modern cloud attack vectors and mitigating controls.
• Experience with cryptography, key management, and authentication mechanisms.
• Security certifications such as CISSP, CISM, CSSLP, or AWS Security Specialty.