Previous Job
Previous
Cloud Security Analyst - Perm
Ref No.: 20-00359
Location: Piscataway, New Jersey
Our direct client is seeking a Cloud Security Analyst for their Piscataway, NJ location. This is a direct hire opportunity.

Job Summary:
Cloud Security Analyst to assist in daily support of cloud security technology for protecting client and intellectual data for all cloud/hybrid solutions for the company. This person will directly contribute to the overall Security Program and will lead the use of cloud security technology to protect data and applications-this includes monitoring, reporting and auditing of security controls. Reports to Manager, Information Security. No direct reports.

Key responsibilities:
  • Act as subject matter expert (SME) on cloud security issues.
  • Design, develop, review and build security architectures for public, private, and hybrid Cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers. Identify, design and deploy solutions to secure cloud usage, whether cloud-native or COTS solutions.
  • Communicate IT security related programs and issues to management, as appropriate.
  • Design, develop and implement cloud security standards.
  • Recommends security system architecture solutions based on industry best practices.
  • Conduct audits, assessments, penetration tests and coordinate remediation activities.
  • Provide direct support to IT staff for security-related issues.
  • Ensure compliance with security policies, standards, and procedures.
  • Coach other teams about cloud security-relevant technologies, processes and tools.
  • Assists with the investigation of security incidents, recommends and implements solutions to remediate or mitigate them.
  • Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in cloud environments.
  • Implement and maintain automated and flexible detection and response programs.
  • Collect security-related operational metrics through automation and increase security visibility across the organization; measure the coverage and effectiveness of security tools; transparency over the security state of the Cloud).
  • Maintains current knowledge of relevant security and privacy trends.
Work experience:
  • 5+ years of hands-on experience with Cloud platforms (AWS, Azure, etc.) required
  • 3+ years of hands-on experience implementing and managing cloud security tools required
  • Experience conducting and mitigating security/risk assessments preferred
  • Experience with implementing and enforcing policies, procedures and guidelines in a complex environment preferred.
Technical Specifications:
  • Knowledge or familiarity with cloud security concepts, technologies, and best practices, including but not limited to, automation frameworks (Ansible, Terraform, Chef, Salt, Puppet, etc.), securing containers and container orchestration frameworks, Active Directory, LDAP, Federated SSO, One-Time Password (OTP) technology, SSL, encryption, IDS/IPS, SIEM, malware detection, forensics in a cloud environment, network and web app firewalls.
  • Offensive Security-oriented mindset (threat-modeling, vulnerability assessments, pen testing, etc.)
  • Fluent in one or more programming/scripting languages (Python preferred, but not required)
  • Ability to work independently managing multiple deadlines and deliverables
  • Highly disciplined in how resources are used; designs and champions ideas to drive efficiency
  • Working understanding of information security standards, guidelines and frameworks such as NIST, COBIT or PCI.
  • Understanding of, and ability to communicate, security and risk implications to technical and non-technical audiences
  • Must demonstrate ability to perform and respond well in crisis situations

Must have:
  • Security monitoring and auditing tools
  • Encryption systems
  • Data protection practices to maintaining regulatory or legal compliance
  • General security, incident response and management
  • Ability to work alone and build relationships across the organization.
  • Anticipates problems and identifies long-term implications of decisions and actions.
  • Licenses and Certifications-Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) required

Nice to have:
  • Strong team skills
  • Strong cloud security background. Someone who has done this at a prior company

Education:
Bachelor of Science degree in Cybersecurity, Information Security, Computer Science, or related field required