Cloud Security Engineer- Vulnerability Management

We're building a world of health around every individual - shaping a more connected, convenient and compassionate health experience. At CVS Health®, you'll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger - helping to simplify health care one person, one family and one community at a time.

Seeking a highly skilled Security Specialist with deep expertise in cloud and database security, hands‑on experience with Open Shift, and a proven track record in operational vulnerability management and team leadership. This role will drive vulnerability remediation efforts across cloud platforms (AWS, Azure, GCP) and database environments, ensuring the protection of critical enterprise assets. The Security Specialist will serve as a technical advisor, championing secure configurations, leading strategic security initiatives, and fostering collaboration between security, operations, and development teams to deliver robust, enterprise‑wide security solutions to remediate security threats.

• Oversee the administration, and implementation of the vulnerability and Minimum Security Baseline program.
• Acts as a SME (subject matter expertise) in Cloud Security area, offering solutions and recommendations to the operation teams.
• Design, implement, and maintain security measures for cloud‑based systems (AWS, Azure, GCP, Openshift)
• Develop and enforce security policies and procedures for cloud platforms.
• Manage cloud security monitoring, incident response, and remediation.
• Work closely with cross‑realm security teams to ensure adequate security solutions and controls are in place to meet business and regulatory requirements
• Ensure compliance with regulatory requirements (GDPR, HIPAA, SOC 2, PCI‑DSS).
• Automate security processes and integrate with CI/CD pipelines.

• Implement and maintain security controls for enterprise databases (on‑premises, cloud, DBaaS).
• Lead database security audits, risk assessments, and compliance initiatives.
• Develop and enforce database access controls, encryption, and authentication solutions.
• Collaborate with IT and development teams to integrate security throughout the software lifecycle.

• Manage and secure Openshift/Kubernetes clusters, including deployment, upgrades, and lifecycle management.
• Implement RBAC, compliance controls, and vulnerability scanning for containerized environments.
• Troubleshoot and resolve security issues across cluster, OS, network, and storage layers.
• Support image scanning, import, and registry management in Openshift runtime projects.

• Lead vulnerability management programs, including regular scans, risk assessments, and remediation tracking.
• Coordinate cross‑functional teams to prioritize and remediate vulnerabilities.
• Develop and maintain vulnerability management policies, procedures, and reporting.
• Mentor and guide team members in security best practices and operational workflows.
• Communicate security issues, risks, and recommendations to management and stakeholders.

• 7+ years in cloud security, database security, or related security roles.
• 5+ years of experience with Cloud Platforms (AWS, Azure, GCP) and Database technologies.
• 5+ years of experience in scripting and automation (Python, Power Shell, Bash, Terraform, Ansible).
• 3+ years of experience with vulnerability scanning tools and security assessment techniques (Wiz, Qualys, Tenable, etc).
• 2+ years of hands‑on experience with Openshift/Kubernetes administration and security.

• Knowledge of regulatory compliance standards and frameworks (GDPR, HIPAA, PCI‑DSS, NIST, ISO 27001).
• Excellent communication, problem‑solving, and team leadership skills.
• Experience with database activity monitoring solutions (IBM Guardium, SIEM integration).
• Familiarity with Dev Ops practices and CI/CD security integration.
• Relevant certifications (CISSP, CCSP, AWS/Azure Security, Red Hat Open Shift Security) preferred.

• Ba…