Senior Cloud Security Engineer
Redefining Healthcare with AI
Xsolis is an AI-driven technology company reducing administrative waste in healthcare by enabling smarter collaboration between providers and payers. Since 2013, our vision has been to create a frictionless healthcare system.
We are proudly headquartered in Franklin, TN - one of the nation's fastest-growing hubs for healthcare innovation - we are at the heart of a thriving ecosystem of health systems, payers, and technology leaders.
Our flagship product, Dragonfly®, is the first and only AI-driven platform to continuously assign real-time predictive scores for medical necessity. Dragonfly has delivered proven results across 600+ hospital, health system, and health plan clients and earned repeated industry recognition. With recognition on the Inc. 5000 and Deloitte Technology Fast 500 lists, Xsolis is also one of the fastest-growing privately-held companies in the country and across North America, and we're looking for talented people to grow with us.
Xsolis is a SaaS healthcare technology company breaking down silos between healthcare payors and providers with its Dragonfly platform that leverages predictive analytics, Machine Learning (ML), and Generative AI. Security, privacy, and trust are foundational for everything we build.
As a Sr. Cloud Security Engineer, you will help lead the design, implementation, and continuous improvement of our cloud security posture. You will play a critical role in securing AI-driven healthcare platforms running in modern cloud environments (AWS), ensuring compliance with healthcare regulations, and protecting sensitive patient data. This role requires deep technical expertise in cloud security, strong experience with regulated environments, and a forward-thinking mindset around securing AI/ML, Generative IA, and emerging Agentic AI systems.
We believe that effective Sr. Cloud Security Engineer needs more than technical know-how. The role also requires several non-technical to be a success at Xsolis including the following skills: motivation, communication, organization, prioritization, problem-solving, and adaptability.
The essential functions include, but are not limited to the following:
Cloud Security Architecture & Engineering
- Design and implement secure cloud architectures across AWS
- Lead the development of security guardrails, policies, and standards (IAM, network segmentation, encryption, etc.)
- Implement Zero Trust architecture principles across cloud-native systems and user endpoints
- Secure containerized and serverless workloads (ECS, Kubernetes, Docker, Lambda, etc.)
- Assess existing cloud implementations, identifying security issues and prioritizing them for remediation.
Workforce Security
- Define and enforce security controls for endpoints and resource access
- Implement improvements in identity lifecycle and PAM
- Partner with engineering teams to design and implement a secure VDI environment to support PHI access
AI/ML & GenAI Security
- Define and enforce security controls for AI/ML and GenAI applications
- Partner with Data Science to mitigate risks such as model poisoning, prompt injection, data leakage, and adversarial attacks
- Secure Agentic AI systems, including autonomous workflows and decision-making agents
- Collaborate with data science teams to embed security into model development lifecycle (MLSecOps)
Compliance & Risk Management
- Collaborate with GRC to ensure adherence to healthcare regulations (HIPAA, HITRUST, SOC 2, etc.)
- Conduct risk assessments and threat modeling for cloud and AI systems
- Support audits and compliance initiatives with appropriate controls and documentation
Detection & Response
- Implement and tune cloud-native security monitoring and detection (SIEM, CSPM, CWPP)
- Develop automated response and remediation workflows
- Help manage incident response efforts for cloud security events
DevSecOps & Automation
- Deep experience with SAST, DAST, SCA, and the use of AI coding tools
- Familiarity with programming languages (Python, Java, Node.js, C#)
- Integrate and optimize security in CI/CD pipelines and infrastructure-as-code (Terraform, CloudFormation)
- Automate security controls, scanning, and policy enforcement
- Partner with engineering teams to shift security left
Leadership & Collaboration
- Mentor other engineers, security analysts, and promote security best practices across teams
- Partner with product, engineering, people operations, enterprise systems, and data science teams
- Stay ahead of emerging threats in cloud and AI security
- Collaborate with various teams (internal and external) to meet business objectives and support Xsolis values
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems or working experience required
- Master’s degree in Cybersecurity, Computer Science, or Information Systems degree desirable
- Certifications such as CISSP, CCSP, AWS Security certifications are highly desired.
- 5+ years of experience in cloud security or cybersecurity engineering
- Strong knowledge of cloud security principles (IAM, networking, encryption, logging, etc.)
- Hands-on experience using and securing AWS services
- Solid understanding of securing containerized environments (Kubernetes, Docker)
- Deep understanding of security in regulated environments (HIPAA, HITRUST, SOC 2)
- Broad experience implementing automation to gain efficiencies
- Experience implementing Zero Trust Architecture
- Proficiency in programming or scripting
- Experience identifying AI security risks and securing AI technologies
- Ability to work and indirectly lead a wide range of professionals and team members.
- Work is typically in a normal office administrative environment involving minimal exposure to physical risks.
- Position requires little to moderate physical activity. Mostly sedentary work exerting up to 10 pounds of force occasionally or a negligible amount of force to lift, carry, push, pull, or otherwise move objects. Work involves sitting most of the time, but may involve walking or standing for brief periods of time. No significant stooping is usually required.
- This role requires travel to our home offices in TN for training.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position.
In any role at Xsolis, it's a chance to make a complex healthcare system a little more efficient alongside a team that's passionate, fast-moving, and genuinely invested in your success. Your contributions will shape both our product and our culture.
Full-time Employees’ Total Rewards package include:
- Medical/Dental/Vision insurance
- 401K company match
- Flexible Paid Time Off
- Paid parental leave
- HSA/FSA options
- Educational reimbursement program
- Employer-paid EAP & Mental Health services
-------
Xsolis is proud to be an equal opportunity employer. We celebrate diversity and are committed to building an inclusive environment for all. We encourage candidates of every background to apply.
All candidates must successfully pass a background check and fall under the same security role, which includes access to sensitive information, including proprietary data and PHI.
Work Authorization Notice: Please note that we do not provide visa sponsorship or immigration support for this position. Applicants must already be authorized to work in the United States on a full-time, permanent basis without the need for current or future sponsorship.
All official communications from our recruitment team will only come from @xsolis.com. Verify open roles at https://www.xsolis.com/about/careers. For information regarding how we collect, use, and protect applicant personal information, please review our CCPA Privacy Notice for Job Applicants.
Create a Job Alert
Interested in building your career at Xsolis, Inc? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field