Job Application for Staff Security Engineer at GHX

Staff Security Engineer – Automation and Orchestration

Reporting to the Senior Manager, Security Engineer, this role is responsible for architecting and implementing automation frameworks across AWS infrastructure, DevSecOps pipelines, and SOC operations. The role focuses on orchestrating cloud deployments, automating security validation, and centralizing cybersecurity telemetry for advanced analytics and operational resilience."

Responsibilities

Architect, design, and implement event-driven automation frameworks for AWS infrastructure provisioning, application deployments, and operational workflows.
Build and maintain reusable Infrastructure-as-Code templates and automation modules to accelerate cloud service adoption.
Develop orchestration pipelines to automate DevSecOps security validation, vulnerability scanning, and compliance checks across environments.
Implement automation for security operations workflows including alert ingestion, enrichment, correlation, and automated response using AWS-native and third-party tools.
Integrate SOC processes into orchestration frameworks to reduce mean time to detect (MTTD) and mean time to respond (MTTR).
Automate, centralize, transform, and stash cybersecurity telemetry from SOC and SaaS sources using tools like Logstash, Farebeat, and AWS-native ingestion services, exporting the enriched data into SIEM platforms for advanced analytics and monitoring.
Collaborate with DevOps, SRE, Platform, and Security Engineering teams to deliver highly automated, self-healing cloud systems.
Build auto-remediation workflows based on cloud telemetry and security findings.
Continuously optimize CI/CD pipelines with embedded security and compliance automation.
Serve as an advocate for event-driven, serverless, and automated operations architectures within engineering and security organizations.
Provide thought leadership on emerging AWS services and best practices for cloud automation and DevSecOps enablement.

Knowledge and Skills

Deep expertise in AWS cloud automation, infrastructure-as-code (IaC), and orchestration frameworks (e.g., AWS CloudFormation, Terraform, AWS CDK and CLI).
Deep expertise working with API’s to retrieve data, aggregate data and report on them.
Strong experience designing and securing automated deployment pipelines (CI/CD) and GitHub Actions.
Proficiency with scripting languages such as Python, Bash, or Go to automate cloud operations and workflows.
Expertise in AWS Service Catalog, Systems Manager (SSM), EventBridge, and Step Functions for event-driven automation.
Hands-on experience with automation of security operations (SOC) processes: alert triage, ticketing, response playbooks.
Experience integrating DevSecOps security controls into CI/CD pipelines (e.g., SAST, DAST, container scanning, secrets management automation, RASP, Autonomous Pen testing/IAST).
Familiarity with AWS security services (GuardDuty, Security Hub, Config) and automating their responses.
Working knowledge of Git, GitHub, and other CI/CD orchestration tools.
Automate, segregate, transform, centralize, & stash Cybersecurity data across all SOC and SaaS sources using Logstash/filebeat etc. and send it to SIEM.
Strong documentation and governance skills for automation, design, and lifecycle management.

Required Experience

Bachelor’s degree
8 + years of combined experience working in IT, Cyber Security, AWS and DevOps

Preferred Experience/Key Differentiators

AWS DevOps and Automation experience.
AWS Security stack experience

GHX: It's the way you do business in healthcare
Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.

GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.

It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe.

Disclaimer
Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, “GHX”) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX’s employees to perform their expected job duties is absolutely not tolerated.

Read our GHX Privacy Policy

Create a Job Alert

Interested in building your career at GHX? Get future opportunities sent straight to your email.

First Name

Last Name

Phone

Resume/CV

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

LinkedIn Profile

Website

Candidate Location

Website

Current CTC

Expected CTC

Notice Period

Current Location

What city do you live in?

When you apply to a job on this site, the personal data contained in your application will be collected by the GHX Compliance & Privacy Officer (CPO), which is located at 1315 W Century Dr., STE 100, Louisville, CO 80027 and can be contacted by emailing compliance@ghx.com . Your personal data will be processed for the purposes of managing GHX's recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the CPO, which are the solicitation, evaluation, and selection of applicants for employment. Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by GHX to help manage its recruitment and hiring process on the CPO's behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards. You can obtain a copy of the standard contractual clauses by contacting us at humanresources@ghx.com. Your personal data will be retained by GHX as long as GHX determines it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have to right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.

Select...

What is your full legal name?

When you apply for a job on this site, the personal information in your application is collected and processed as described in the GHX Privacy Policy (See hyperlink below). The Privacy Policy also describes your rights with respect to your personal information and how to exercise your rights. Please review the Privacy Policy carefully, and if you do not agree to processing of your personal information as described in the Privacy Policy, do not submit your personal information.

Select...

GHX Privacy Policy

Staff Security Engineer

Apply for this job