Cybersecurity Engineer

Candidates must be located in the Colorado Springs or Denver, Colorado area.


Company Overview: Comprehensive practice management solutions for the elective medical industry are essential for improving efficiency, and the client-centric culture of the PatientNow team is well-poised to continue delivering solutions that allow our customers to spend more time where they want to, with their patients. With our expanding line of products, we demonstrate our commitment to delivering purpose-built technology to medical aesthetics and wellness service providers in our ever evolving market. PatientNow continues to see Med Spa business growth, in addition to expansion in the areas of nutrition, weight loss and hormone replacement. PatientNow’s goal is to be the elective medical industry’s most trusted and intuitive practice management solution— fueled by innovation, integration, and strategic partnerships, delivered by a team with unrivaled grit.


Vision - Empowering practices and businesses to improve health and wellness worldwide by helping their clients look and feel their best.


Mission - PatientNow is elevating businesses focused on beauty, wellness and medical aesthetics with innovative, all-in-one software and consulting service solutions. People who partner with us stand out in the industry with strong market differentiation, while streamlining operations for long term success and sustainable growth.


Values

  • Show up – being present and supportive: for each other through collaboration and respect, for our customers with exceptional service, and for the business with dedication to excellence and growth.
  • Own the outcome – By understanding the objective, exceeding expectations with pride, confirming resolution, communicating early and often, and continuously learning and improving
  • Be Authentic - By sharing thoughts and opinions, keeping promises, showing your true self, and engaging with respect

Position SummaryThe Cybersecurity Engineer plays a pivotal role in protecting and enhancing our cloud-based infrastructure, driving compliance efforts, and managing our Cloud Security Posture Management (CSPM) program. With a focus on AWS, this role combines hands-on technical expertise, advanced cloud security practices, and deep knowledge of compliance frameworks such as HIPAA, SOC2, and PCI. This position is responsible for implementing proactive security measures, responding to threats, and ensuring the overall security and resilience of our environment. The Cybersecurity Engineer also works closely with cross-functional teams to identify risks, design mitigation strategies, and align security practices with business objectives.

 

Essential Duties and ResponsibilitiesTo perform this job successfully, an individual must be able to perform the following satisfactorily; other duties may be assigned. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Design and implement the Cloud Security Posture Management (CSPM) program to ensure comprehensive security across the AWS environment.
  • Harden AWS resources through advanced configurations for IAM, S3 bucket policies, VPC security, and security groups.
  • Analyze AWS security logs and alerts from services like CloudTrail, GuardDuty, Security Hub, and Config to proactively detect and mitigate threats.
  • Configure and fine-tune Datadog dashboards, monitors, and alerts for infrastructure and security monitoring, integrating with AWS services to ensure real-time visibility.
  • Conduct forensic analysis and investigate security incidents, implementing long-term preventive measures.
  • Automate incident detection and response workflows using tools such as AWS Lambda and Step Functions.
  • Lead the implementation of PCI compliance and align the infrastructure with DSS requirements.
  • Enhance and maintain HIPAA and SOC2 compliance, including evidence collection and audit readiness.
  • Define and enforce governance policies for AWS resources as it relates to encryption, access control, and data lifecycle management.
  • Design and implement a comprehensive vulnerability management plan, including the selection and integration of tools such as Tenable, Qualys, or AWS Inspector, to identify, prioritize, and remediate security vulnerabilities.
  • Coordinate with third-party vendors to schedule and complete penetration tests, ensuring timely execution and adherence to organizational security standards. Review findings with internal teams to prioritize and implement remediation efforts.
  • Perform detailed risk assessments and recommend controls to mitigate security gaps effectively.
  • Develop, test, and maintain an Incident Response Plan (IRP) to address potential threats and breaches effectively.
  • Collaborate with the Infrastructure team to design, implement and facilitate testing of the Business Continuity and Disaster Recovery (BC/DR) plan, including periodic drills and simulations.
  • Conduct threat modeling exercises for applications and infrastructure to identify and prioritize mitigation strategies.
  • Independently research and stay updated on emerging security trends, vulnerabilities, and tools.
  • Continuously evaluate and recommend improvements to the security architecture to align with evolving threats and business needs.
  • Act as the primary point of contact for security-related escalations, providing expert guidance and resolution.
  • Assist in developing comprehensive training materials to elevate security awareness across the organization.

Competencies: To perform the job successfully, an individual should demonstrate the following.

Adaptability - Demonstrates persistence and overcomes obstacles. Measures self against standard of excellence. Recognizes and acts on opportunities. Sets and achieves challenging goals.

Business Ethics – Inspires the trust of others. Keeps commitments. Treats people with respect. Upholds organizational values. Works with integrity and ethics. 

Communications - Exhibits good listening and comprehension. Clearly expresses ideas and thoughts in written as well as verbal form. Selects and uses appropriate communication methods.

Continuous Learning - Assesses own strengths and weaknesses. Continuously pursues training and development opportunities. Seeks feedback to improve performance. Shares expertise with others.

Problem Solving - Develops creative solutions. Gathers and analyzes information skillfully. Identifies and resolves problems in a timely manner. Works well in group problem solving situations.

Teamwork - Balances team and individual responsibilities. Contributes to building a positive team spirit. Exhibits objectivity and openness to others' views. Gives and welcomes feedback.

 

Education/Experience:

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related technical field. Equivalent experience and certifications will be considered in lieu of a degree.
  • 8 –10 years of hands-on cybersecurity experience with a strong focus designing and implementing robust security solutions in a cloud-based environment (AWS).
  • Extensive experience with AWS security services (IAM, CloudTrail, Config, GuardDuty, WAF) and ability to secure and optimize cloud environments.
  • Proven expertise in Cloud Security Posture Management (CSPM), monitoring tools (e.g., Datadog), and AWS-native alerting services.
  • Deep understanding and practical application of compliance frameworks: HIPAA, SOC2, PCI (implementation required), and GDPR.
  • Strong experience designing and implementing vulnerability management programs and collaborating with vendors for penetration testing and remediation.
  • Advanced knowledge of incident response planning, including developing and executing plans to mitigate and respond to security incidents.
  • Demonstrated expertise in conducting risk assessments, identifying gaps, and recommending actionable mitigation strategies.
  • Proven experience in supporting external security audits.
  • Strong communication skills, with the ability to work effectively in a team-oriented, collaborative environment.
  • Relevant certifications (prioritized in order of importance): AWS Certified Security – Specialty, Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), PCI Professional (PCIP).


Supervisory ResponsibilitiesThis position does not have supervisory responsibilities.

 

Physical DemandsThe physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit at a desk and work on a computer for prolonged periods. The above job description is not intended to be an all-inclusive list of duties and standards of the position.  Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.

 

Research & Development

Remote (Denver, Colorado, US)

Share on:

Terms of servicePrivacyCookiesPowered by Rippling