Cloud Security Analyst
445 Hoes Lane Middlesex County, NJ 08854-1331
Job Title: Cloud Security Analyst
Status: Full Time Direct Hire
Remote: Temporarily – onsite will be required
We are seeking a Cloud Security Analyst to join a growing team in a full-time capacity. This person will assist in the daily support of the cloud security technology for protecting client and intellectual data for all cloud/hybrid solutions for the company. This position will directly contribute to the overall security program and will lead the use of cloud security technology to protect data and applications — this includes monitoring, reporting and the auditing of security controls.
- Act as subject matter expert (SME) on cloud security issues.
- Design, develop, review and build security architectures for public, private, and hybrid Cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers. Identify, design and deploy solutions to secure cloud usage, whether cloud-native or COTS solutions.
- Communicate IT security related programs and issues to management, as appropriate.
- Design, develop and implement cloud security standards.
- Recommend security system architecture solutions based on industry best practices.
- Conduct audits, assessments, penetration tests and coordinate remediation activities.
- Provide direct support to IT staff for security-related issues.
- Ensure compliance with security policies, standards, and procedures.
- Coach other teams about cloud security-relevant technologies, processes and tools.
- Assists with the investigation of security incidents, recommends, and implements solutions to remediate or mitigate them.
- Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in cloud environments.
- Implement and maintain automated and flexible detection and response programs.
- Collect security-related operational metrics through automation and increase security visibility across the organization; measure the coverage and effectiveness of security tools; transparency over the security state of the Cloud.
- Maintains current knowledge of relevant security and privacy trends.
Bachelor of Science degree in Cybersecurity, Information Security, Computer Science, or related field required.
- 5+ years of hands-on experience with Cloud platforms (AWS, Azure, etc.) required
- 3+ years of hands-on experience implementing and managing cloud security tools required
- Experience conducting and mitigating security/risk assessments preferred
- Experience with implementing and enforcing policies, procedures and guidelines in a complex environment preferred.
Licenses and Certifications
Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) required
Skills and Requirements
- Knowledge or familiarity with cloud security concepts, technologies, and best practices, including but not limited to, automation frameworks (Ansible, Terraform, Chef, Salt, Puppet, etc.), securing containers and container orchestration frameworks, Active Directory, LDAP, Federated SSO, One-Time Password (OTP) technology, SSL, encryption, IDS/IPS, SIEM, malware detection, forensics in a cloud environment, network and web app firewalls.
- Offensive Security-oriented mindset (threat-modeling, vulnerability assessments, pen testing, etc.)
- Fluent in one or more programming/scripting languages (Python preferred, but not required)
- Ability to work independently managing multiple deadlines and deliverables
- Highly disciplined in how resources are used; designs and champions ideas to drive efficiency
- Working understanding of information security standards, guidelines and frameworks such as NIST, COBIT or PCI.
- Understanding of, and ability to communicate, security and risk implications to technical and non-technical audiences
- Must demonstrate ability to perform and respond well in crisis situations
Must have strong experience with;
- Security monitoring and auditing tools
- Encryption systems
- Data protection practices to maintaining regulatory or legal compliance
- General security, incident response and management
- Ability to work alone and build relationships across the organization.
- Anticipates problems and identifies long-term implications of decisions and actions.
Meet Your Recruiter
If you feel like you are the right fit for the job above, please click the apply online button below and I will be sure to reach out ASAP!