HIPAA AWS Infrastructure Review
Worldwide
We are looking for an experienced AWS security consultant with deep knowledge of HIPAA compliance to perform an independent security review of our AWS environment and provide actionable recommendations prior to our go live. This is not an implementation project; however, it could transition into one depending upon the results. We are looking for a senior consultant who can evaluate our current architecture, identify security and compliance gaps, and deliver a prioritized remediation roadmap. We're looking for someone who can identify real risks, not simply produce a checklist. Practical experience with verified healthcare SaaS environments is highly preferred. You will be working with our full time developer if needed. Scope of Work The selected consultant will: • Review our AWS architecture and security configuration • Assess HIPAA technical safeguards and AWS best practices • Review IAM users, roles, and permissions for least privilege • Evaluate network security (VPCs, Security Groups, NACLs, WAF, VPN) • Review encryption at rest and in transit (KMS, S3, RDS, EBS, Secrets Manager) • Assess logging, monitoring, and audit capabilities (CloudTrail, CloudWatch, GuardDuty, Security Hub) • Review backup and disaster recovery strategy (if applicable) • Evaluate authentication and MFA policies • Review application hosting architecture and storage of PHI • Identify any services that may not be HIPAA eligible • Identify high, medium, and low-risk findings • Provide practical recommendations based on risk and cost • Deliver a written report with remediation priorities Deliverables • Executive summary • Technical security assessment • HIPAA gap analysis • Risk-prioritized findings • Recommended remediation plan • Walkthrough of findings with developer Required Experience Please apply only if you have: • 5+ years securing AWS production environments • Experience supporting HIPAA-regulated healthcare applications in the United States • Strong knowledge of AWS security services • Experience with IAM, KMS, CloudTrail, GuardDuty, Security Hub, WAF, VPC, S3, EC2, RDS, and Secrets Manager • Ability to explain technical findings to non-technical stakeholders as well as full time developer Preferred Qualifications • AWS Security Specialty certification • AWS Solutions Architect Professional • CISSP, CCSP, HCISPP, or similar security certifications • Experience preparing organizations for HIPAA, HITRUST, or SOC 2 audits (preferred HIPAA) • Experience working under Business Associate Agreements (BAAs) Environment Our environment includes: • AWS-hosted healthcare application • Protected Health Information (PHI) • Production and development environments • Modern web application architecture More technical details will be shared after an NDA and/or Business Associate agreement is signed. Proposal Requirements Please include: 1. A brief description of similar AWS HIPAA security reviews you've completed. 2. Relevant AWS certifications. 3. Your approach to conducting a security assessment. 4. Estimated timeline. 5. Fixed-price estimate or hourly rate (we merely estimated a budget, and depending upon a conversation would be open to exploring more or less). AI Disclaimer: This job posting was created by a non-technical individual with the assistance of AI.
$600.00
Fixed-price- ExpertExperience Level
- Remote Job
- One-time projectProject Type
Skills and Expertise
Activity on this job
- Proposals:10 to 15
- Last viewed by client:47 seconds ago
- Interviewing:2
- Invites sent:3
- Unanswered invites:1
About the client
- United StatesBoynton Beach8:02 AM
- $13K total spent2 hires, 1 active
- 405 hours
- Tech & ITIndividual client
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by