Sr. Network Security Engineer

CentralReach is the #1 provider of SaaS software solutions for autism and IDD care. Trusted by more than 150,000 users, we enable therapy providers, educators, and employers to scale the way they deliver Applied Behavior Analysis and related therapies with innovative technology, market-leading industry expertise, and world-class customer satisfaction. 

The Security team at CentralReach innovates security solutions with the guiding principles to keep our cloud infrastructure secure and support the business by doing so.  

The Sr. Network Security Engineer will be responsible for securing cloud infrastructure (mainly in AWS), platforms and applications, and will support and work alongside DevOps/Engineering to maintain and upgrade our cloud environments, while using industry best practices. The Sr. Network Security Engineer will work with other stakeholders to implement security processes and help us shift left and build strong foundations for our DevSecOps cycles.  

This role is remote eligible, but will require quarterly travel for team on-sites.

Key Accountabilities: 

• Create security architecture and design patterns for CR services based on industry best practices. 
• Advise development teams throughout the secure SDLC process on security-related domains. 
• Develop security solutions/tools/configurations that can be leveraged by CR teams for various security-related use cases such as enabling secure remote access, improving the security posture of cloud services, etc. 
• Build threat detection rules and auto-remediation capabilities to mitigate the identified threats at scale. 
• Develop security requirements and standards in collaboration with technical teams to safeguard the Internal as well as customer-facing cloud infrastructure, applications, and data.
• Support day-to-day execution of security processes in areas related to perimeter and endpoint security, cloud security posture management, vulnerability management, security observability, and security operations. 
• Leverage coding skills and experience working with Infrastructure as code (IaC) pipelines to develop, manage, and govern cloud security solutions and safeguards on the AWS platform. 
• Strongly contribute to security initiatives and projects. 
• Deep technical knowledge and experience identifying triaging and remediating application vulnerabilities, including OWASP top 10. 
• Strong knowledge of cloud technologies and cloud infrastructure, including networking, VPCs, TGWs, VPNs, DNS in AWS.
• Manage infrastructure level security capabilities e.g., firewalls, DDoS protection, network/fault domain isolation, IAM policy generation and enforcement, user/resource movement monitoring within the cloud environment and other access controls.

Desired Skills and Experience:  

• Bachelor’s degree in computer science (or equivalent). 
• At least one current security-oriented certification (ex: CISSP, CSSP, CISM, CISA, CEH etc.,) is required. 
• 4+ year experience in application security engineering. 
• Hands-on experience implementing, managing, and monitoring security tools and technologies related to SOAR, SIEM, DLP, EDR, IAM, PAM, NAC, IDS/IPS, etc. 
• Strong familiarity with DDoS and WAF protection layers on web applications (hand-on experience even better!).
• Solid understanding of network topologies, protocols, defense principles, common attack vectors, and attacker techniques. 
• Deep technical knowledge and experience identifying triaging and remediating application vulnerabilities, including OWASP top 10. 
• Experience in implementing static code analysis tools (Snyk, Veracode etc.) as part of CI/CD pipelining. 
• Experience in Privileged Access Management implementations, and in tools like CyberArk. 
• Familiarity of regulatory compliance requirements (PCI-DSS, HIPAA, HITRUST, FISMA, SOC2 etc.,).
• Knowledge of cloud technologies and cloud infrastructure, including networking, VPCs, TGWs, VPNs, DNS in the cloud (AWS preferred).
• Manage infrastructure level security capabilities e.g., firewalls, DDoS protection, network/fault domain isolation, IAM policy generation and enforcement, user/resource movement monitoring within the cloud environment and other access controls.
• Technical baseline skills and the ability to acquire in-depth knowledge of network and host security technologies.
• Security automation via serverless framework.
• Strong experience with Terraform to manage IaC in AWS.
• Experience with vulnerability scanning tools (Tenable, Rapid7 etc.).
• Git version control and code repositories like Github and Bitbucket.
• Self-motivated and likes a challenge.
• Thrive in a fast-paced environment and can multitask.
• Appreciate direct communication and a stellar communicator and listener.
• Has a can-do attitude and wants to be part of our journey.

CentralReach was developed for Clinicians by Clinicians. The story of CentralReach begins in 2012 when the company’s founder, a practicing Board Certified Behavioral Analyst, decided there had to be a better way to manage her operations so she could spend more time on what mattered most — working with her clients and patients. To help ABA practices focus on what they do best, CentralReach launched the first iteration of its EMR and practice management platform. 

Today, under the leadership of Chris Sullens, an award-winning CEO in the technology space, CentralReach is committed to their mission of providing cutting-edge technology and services to help clinicians and educators produce superior client and patient outcomes. Already a market leader, CentralReach is expected to grow exponentially through its four core tenets: hire and develop great people; build industry-leading products; provide exceptional service to customers and continuously invest in systems, processes and infrastructure. 

We value our employees and offer a robust benefits package including health and dental, paid time off, life insurance, disability coverage and a 401(k) matching. We also provide comprehensive onboarding, ongoing training, mentoring and career pathing to help you develop your career. We pride ourselves on our fun and energetic environment that also provides our employees with a meaningful way to make a difference by helping clinicians and educators produce superior outcomes for children and adults with disabilities. 

CentralReach will not contact you or schedule interviews via Facebook. Please note social media is a current sourcing tool for talent acquisition via LinkedIn, Instagram, FB and for our recent job fair through CR company marketing, but we have a direct link to our website where all viable jobs are listed and directly tracked to our company page.