Sr Information Cloud Security Engineer

Q2 Solutions is a leading clinical trial laboratory services organization with end-to-end laboratory services and secure, enterprise-wide biospecimen and consent management solutions. With a relentless focus on quality and innovation, Q2 Solutions uses its global experience and scientific expertise to transform science and data into actionable medical insights that help customers improve human health.  A joint venture of IQVIA (formerly QuintilesIMS) and Quest Diagnostics, Q2 Solutions combines the best of each parent organization’s clinical trials laboratory services capabilities to fulfill its mission of treating each sample as if a life depends on it.

RESPONSIBILITIES

• Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers.
• Participate in the SDLC process for all IT systems by reviewing architecture plans and ensuring security measures are incorporated and implemented to protect the integrity of the data and overall system operation. Security measures will include, but not be limited to, antivirus defense, intrusion detection, encryption systems, authentication and access control systems, network scanning, pen testing, and vulnerability assessments.
• Administer Identity and Access Management in all cloud environments, which includes management of keys, service accounts, IAM individual accounts, and AD accounts through SSO. Implement automated solutions to continually scan and flag expired credentials as well as IAM access that should be removed per company policies.
• Provide oversight to cloud operations and development teams with regards to security controls being implemented in the cloud, including but not limited to, security groups, routing tables, ports, gateways, VPCs, and public facing services.
• Automate security controls, data and processes to provide improved metrics and operational support
• Automate the management of credentials and security patches for operating systems, firewalls, and applications as warranted.
• Stay abreast to new cloud offerings that can be leveraged for security and compliance monitoring and alerting. Implement solutions to continually monitor, provide alerts, automatically generate incident tickets, and when possible, automatically prevent or resolve issues.
• Lead investigations as well as mitigations and remediations. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents.
• Ensure that we are always audit ready with regards to security and compliance. Participate in any internal or external audits as warranted.
• Maintain awareness of new and emerging cyber-attack threats with potential to harm company systems and networks. Devise and implement countermeasures to mitigate potential security threats.
• Lead the development, revision, and maintenance of Standard Operating Procedures and Working Instructions related to IT security.

REQUIRED KNOWLEDGE, SKILLS AND ABILITIES

• Experience architecting, implementing, and operating security solutions to protect data and IT systems hosted in the cloud.
• Working knowledge of AWS and Azure foundation services related to compute, network, storage, content delivery, administration and security, deployment and management, automation technologies
• Strong familiarity with Linux and Windows operating systems
• Experience with routers, firewalls, switching technology and TCP/IP protocol management.
• Experience architecting, designing, and programming applications.
• Working knowledge of programming languages and/or scripting languages.
• Excellent communication skills with strong teamwork, analytical and troubleshooting skills, and attentiveness to detail.

MINIMUM REQUIRED EDUCATION AND EXPERIENCE

• Bachelor’s Degree in information security, computer science, or related discipline or equivalent combination of education, training and experience.
• 2 years’ experience working actively in AWS and Azure.
• 2 years’ experience administering Unix/Linux and Windows environments.
• 5 years’ experience as an IT security engineer.
• Professional certification in IT security or network/systems administration is desirable (CISSP, GIAC, MCSE, others).

PHYSICAL REQUIREMENTS

• Extensive use of telephone and face-to-face communication requiring accurate perception of speech.
• Extensive use of keyboard and mouse requiring repetitive motion of fingers and wrists.
• Regular sitting for extended periods of time.
• Occasional travel.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other status protected by applicable law.

IQVIA, Inc. provides reasonable accommodations for applicants with disabilities.  Applicants who require reasonable accommodation to submit an application for employment or otherwise participate in the application process should contact IQVIA’s Talent Acquisition team at workday_recruiting@iqvia.com to arrange for such an accommodation.