Catalytic Data Science
Cloud Security Engineer III
Catalytic Data Science, Weston, Connecticut, United States, 06883
Cloud Security Engineer III
About Catalytic Data Science (CDS): Catalytic Data Science is a fast-growing SaaS company building cutting-edge, AI-driven solutions for regulatory affairs professionals shaping innovation in life sciences. Our engineering team leverages generative AI to extract insights from complex, unstructured data at scale. We believe in clean code, collaborative problem-solving, and a culture where engineers have a direct impact on meaningful products used by global life sciences organizations. Our customers are passionate about making the world a better place, and we are inspired by the opportunity to help them. If you are passionate about solving technical challenges that improve medical innovation and regulatory processes, you'll find your next home with us. Who You Are: You are a proactive cloud security expert, motivated by defending complex platforms and data in the cloud. You possess a deep understanding of cloud ecosystems (especially AWS) and relish staying ahead of emerging threats. You work seamlessly with engineering teams, championing a security-first mindset, automating protections, and translating regulatory requirements into practical solutions. What You Will Do: Design, implement, and manage security strategies for AWS environments deployed across multiple customer VPCs. Develop and enforce cloud security best practices in alignment with regulatory requirements relevant to life sciences (GxP, HIPAA, GDPR, etc.). Lead vulnerability management, security monitoring, and intrusion detection across cloud infrastructure. Oversee identity and access management (IAM), encryption (in transit and at rest), and secure networking (VPN, firewalls, VPC peering, etc). Conduct regular security assessments, risk analyses, and compliance audits. Produce clear, actionable reports and remediation plans. Integrate security into CI/CD pipelines, implement secure code review, and support secure DevOps practices (DevSecOps). Evaluate, select, and deploy security tooling for log aggregation, anomaly detection, and automated alerting (e.g., AWS Security Hub, GuardDuty, Sentinel, etc.). Create and maintain incident response procedures, run tabletop exercises, and lead post-incident analysis. Act as a security subject matter expert; train and mentor engineering teams on security principles and evolving threats. Who You Are: BS in computer science or related engineering, science or math discipline 5+ years in cloud security engineering, with expertise in AWS security (Azure a plus). Deep knowledge of securing multi-tenant SaaS environments and networking constructs. Hands-on experience with penetration testing, vulnerability management, and incident response. Familiar with compliance standards in the life sciences domain (GxP, HIPAA, GDPR, etc.). Fluent with security automation and Infrastructure as Code (e.g., CloudFormation, Terraform). Experience integrating security into CI/CD pipelines. Strong scripting abilities (Bash, Python, etc.). Excellent communication skills and ability to work cross-functionally. Industry certifications such as AWS Security Specialty, CISSP, CISM, or similar are a plus. Experience leveraging AI-powered coding assistants (e.g., GitHub Copilot, Copilot X, ChatGPT Code Interpreter, Amazon CodeWhisperer) to enhance productivity in day-to-day software development activities, including code generation, refactoring, and documentation. Familiarity with best practices for integrating AI coding assistants into team workflows while maintaining code quality, security, and regulatory compliance. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
About Catalytic Data Science (CDS): Catalytic Data Science is a fast-growing SaaS company building cutting-edge, AI-driven solutions for regulatory affairs professionals shaping innovation in life sciences. Our engineering team leverages generative AI to extract insights from complex, unstructured data at scale. We believe in clean code, collaborative problem-solving, and a culture where engineers have a direct impact on meaningful products used by global life sciences organizations. Our customers are passionate about making the world a better place, and we are inspired by the opportunity to help them. If you are passionate about solving technical challenges that improve medical innovation and regulatory processes, you'll find your next home with us. Who You Are: You are a proactive cloud security expert, motivated by defending complex platforms and data in the cloud. You possess a deep understanding of cloud ecosystems (especially AWS) and relish staying ahead of emerging threats. You work seamlessly with engineering teams, championing a security-first mindset, automating protections, and translating regulatory requirements into practical solutions. What You Will Do: Design, implement, and manage security strategies for AWS environments deployed across multiple customer VPCs. Develop and enforce cloud security best practices in alignment with regulatory requirements relevant to life sciences (GxP, HIPAA, GDPR, etc.). Lead vulnerability management, security monitoring, and intrusion detection across cloud infrastructure. Oversee identity and access management (IAM), encryption (in transit and at rest), and secure networking (VPN, firewalls, VPC peering, etc). Conduct regular security assessments, risk analyses, and compliance audits. Produce clear, actionable reports and remediation plans. Integrate security into CI/CD pipelines, implement secure code review, and support secure DevOps practices (DevSecOps). Evaluate, select, and deploy security tooling for log aggregation, anomaly detection, and automated alerting (e.g., AWS Security Hub, GuardDuty, Sentinel, etc.). Create and maintain incident response procedures, run tabletop exercises, and lead post-incident analysis. Act as a security subject matter expert; train and mentor engineering teams on security principles and evolving threats. Who You Are: BS in computer science or related engineering, science or math discipline 5+ years in cloud security engineering, with expertise in AWS security (Azure a plus). Deep knowledge of securing multi-tenant SaaS environments and networking constructs. Hands-on experience with penetration testing, vulnerability management, and incident response. Familiar with compliance standards in the life sciences domain (GxP, HIPAA, GDPR, etc.). Fluent with security automation and Infrastructure as Code (e.g., CloudFormation, Terraform). Experience integrating security into CI/CD pipelines. Strong scripting abilities (Bash, Python, etc.). Excellent communication skills and ability to work cross-functionally. Industry certifications such as AWS Security Specialty, CISSP, CISM, or similar are a plus. Experience leveraging AI-powered coding assistants (e.g., GitHub Copilot, Copilot X, ChatGPT Code Interpreter, Amazon CodeWhisperer) to enhance productivity in day-to-day software development activities, including code generation, refactoring, and documentation. Familiarity with best practices for integrating AI coding assistants into team workflows while maintaining code quality, security, and regulatory compliance. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.