[Remote] Senior Cloud Security Analyst/Engineer

Note: The job is a remote job and is open to candidates in USA. CMA is looking for a Senior Cloud Security Analyst/Engineer to maintain and monitor security systems and cloud environments. The role involves performing cloud security administration, analyzing security events, and assisting with investigations into security incidents.

Responsibilities

• Maintain and monitor Network Intrusion Detection/Protection (IDS/IPS) rules
• Perform cloud security administration for Firewalls, Endpoint Protection tools, Windows & nix patching tools
• SIEM: ability to create and manage cloud alerting events. Experience with AI-enabled enterprise products such as Splunk or LogRhythm desired. Configure or perform security event scanning, detection, and analysis using available tools and platforms. Review, collect, analyze, and correlate malware and security events from network security tools and provide results and recommendations to management. Correlate SIEM events for early warning, alerting, trends and prevention. Analyze event data received to eliminate false positives and identify security events. Conduct trend analysis of security events to identify anomalous malicious activity and related events
• Monitor and review cloud-based LDAP/Active Directory accounts
• Maintain and update security incident tickets within corporate ITSM. Review and update assigned ITSM security tasks. Open tickets for identified security events and incidents. Manage assigned tickets by working with appropriate staff
• Assist with investigations into cloud security intrusions, events, incidents, or suspicious activities. Monitor the cloud network and supporting systems to detect security compromise events. Provide reports and updates to management as needed
• Incorporate input from N/SOC staff and external vendor personnel to validate potential cloud events and incidents
• Monitor various cyber security threat portals and other credible sources for cyber threat information
• Monitor security group mailbox for email alerts and user requests
• Provide reports and attend scheduled and ad-hoc meetings as necessary
• Provide network and security operations technical analysis, assessment, and recommendations to CMA staff and management as needed. Provide cloud security threat prevention recommendations
• Provide enterprise-wide network systems and applications systems security log auditing or audit artifacts as needed
• Additional job duties as required

Skills

• Maintain and monitor Network Intrusion Detection/Protection (IDS/IPS) rules
• Perform cloud security administration for Firewalls, Endpoint Protection tools, Windows & nix patching tools
• SIEM: ability to create and manage cloud alerting events
• Experience with AI-enabled enterprise products such as Splunk or LogRhythm desired
• Configure or perform security event scanning, detection, and analysis using available tools and platforms
• Review, collect, analyze, and correlate malware and security events from network security tools and provide results and recommendations to management
• Correlate SIEM events for early warning, alerting, trends and prevention
• Analyze event data received to eliminate false positives and identify security events
• Conduct trend analysis of security events to identify anomalous malicious activity and related events
• Monitor and review cloud-based LDAP/Active Directory accounts
• Maintain and update security incident tickets within corporate ITSM
• Review and update assigned ITSM security tasks
• Open tickets for identified security events and incidents
• Manage assigned tickets by working with appropriate staff
• Assist with investigations into cloud security intrusions, events, incidents, or suspicious activities
• Monitor the cloud network and supporting systems to detect security compromise events
• Provide reports and updates to management as needed
• Incorporate input from N/SOC staff and external vendor personnel to validate potential cloud events and incidents
• Monitor various cyber security threat portals and other credible sources for cyber threat information
• Monitor security group mailbox for email alerts and user requests
• Provide reports and attend scheduled and ad-hoc meetings as necessary
• Provide network and security operations technical analysis, assessment, and recommendations to CMA staff and management as needed
• Provide cloud security threat prevention recommendations
• Provide enterprise-wide network systems and applications systems security log auditing or audit artifacts as needed
• Cloud SIEM familiarity (GCP SCC, Splunk)
• BCP/IR
• Endpoint detection & response (EDR) tools (Falcon, Symantec)
• Cloud Infrastructure security tools (GCP SCC, GCP Cloud Armor, AWS tools, IDS/IPS, FW, DNS)
• M365 familiarity (Entra, Azure, Email)
• Security control frameworks (NIST, CIS, OWASP, AI RMF)
• CISSP or similar
• Applicable cloud vendor certifications

Company Overview

• At CMA, we believe in building something bigger than ourselves, every day. It was founded in 1984, and is headquartered in Latham, New York, USA, with a workforce of 201-500 employees. Its website is http://cma.com/.

Company H1B Sponsorship

• CMA has a track record of offering H1B sponsorships, with 4 in 2025, 3 in 2024, 3 in 2023, 2 in 2022, 7 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role.

Apply tot his job Apply To this Job