Staff Cloud Security Engineer, Vulnerability Management

About Cvshealth

At CVS Health, we’re building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care. As the nation’s leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues – caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.

Job Summary

Seeking a highly skilled Security Specialist with deep expertise in cloud and database security, hands-on experience with OpenShift, and a proven track record in operational vulnerability management and team leadership. This role will drive vulnerability remediation efforts across cloud platforms (AWS, Azure, GCP) and database environments, ensuring the protection of critical enterprise assets. The Security Specialist will serve as a technical advisor, championing secure configurations, leading strategic security initiatives, and fostering collaboration between security, operations, and development teams to deliver robust, enterprise-wide security solutions to remediate security threats.

Key Responsibilities

• Cloud Security
• Oversee the administration, and implementation of the vulnerability and Minimum Security Baseline program.
• Acts as a SME (subject matter expertise) in Cloud Security area, offering solutions and recommendations to the operation teams.
• Design, implement, and maintain security measures for cloud-based systems (AWS, Azure, GCP, Openshift).
• Develop and enforce security policies and procedures for cloud platforms.
• Manage cloud security monitoring, incident response, and remediation.
• Work closely with cross-realm security teams to ensure adequate security solutions and controls are in place to meet business and regulatory requirements.
• Ensure compliance with regulatory requirements (GDPR, HIPAA, SOC 2, PCI-DSS).
• Automate security processes and integrate with CI/CD pipelines.
• Database Security
• Implement and maintain security controls for enterprise databases (on-premises, cloud, DBaaS).
• Lead database security audits, risk assessments, and compliance initiatives.
• Develop and enforce database access controls, encryption, and authentication solutions.
• Collaborate with IT and development teams to integrate security throughout the software lifecycle.
• Openshift & Container Security
• Manage and secure Openshift/Kubernetes clusters, including deployment, upgrades, and lifecycle management.
• Implement RBAC, compliance controls, and vulnerability scanning for containerized environments.
• Troubleshoot and resolve security issues across cluster, OS, network, and storage layers.
• Support image scanning, import, and registry management in Openshift runtime projects.
• Vulnerability Management & Team Coordination
• Lead vulnerability management programs, including regular scans, risk assessments, and remediation.