[Remote] Senior Cloud Security Analyst/Engineer
Note: This is a remote job open to candidates in the USA. CMA is a company focused on cloud security solutions, and it is seeking a Senior Cloud Security Analyst/Engineer to maintain and monitor security systems and respond to incidents. The role involves managing cloud security tools, analyzing security events, and providing recommendations to strengthen security measures.
Responsibilities
- Maintain and monitor Network Intrusion Detection/Prevention (IDS/IPS) rules
- Perform cloud security administration for Firewalls, Endpoint Protection tools, Windows & *nix patching tools
- SIEM: create and manage cloud alerting events
- Experience with AI-enabled enterprise products such as Splunk or LogRhythm desired
- Configure or perform security event scanning, detection, and analysis using available tools and platforms
- Review, collect, analyze, and correlate malware and security events from network security tools and provide results and recommendations to management
- Correlate SIEM events for early warning, alerting, trends and prevention
- Analyze event data received to eliminate false positives and identify security events
- Conduct trend analysis of security events to identify anomalous malicious activity and related events
- Monitor and review cloud-based LDAP/Active Directory accounts
- Maintain and update security incident tickets within corporate ITSM
- Review and update assigned ITSM security tasks
- Open tickets for identified security events and incidents
- Manage assigned tickets by working with appropriate staff
- Assist with investigations into cloud security intrusions, events, incidents, or suspicious activities
- Monitor the cloud network and supporting systems to detect security compromise events
- Provide reports and updates to management as needed
- Incorporate input from N/SOC staff and external vendor personnel to validate potential cloud events and incidents
- Monitor various cyber security threat portals and other credible sources for cyber threat information
- Monitor security group mailbox for email alerts and user requests
- Provide reports and attend scheduled and ad-hoc meetings as necessary
- Provide network and security operations technical analysis, assessment, and recommendations to CMA staff and management as needed
- Provide cloud security threat prevention recommendations
- Provide enterprise-wide network systems and applications systems security log auditing or audit artifacts as needed
- Additional job duties as required
Skills
- Cloud SIEM familiarity (GCP SCC, Splunk)
- BCP/IR
- Endpoint detection & response (EDR) tools (Falcon, Symantec)
- Cloud Infrastructure security tools (GCP SCC, GCP Cloud Armor, AWS tools, IDS/IPS, FW, DNS)
- M365 familiarity (Entra, Azure, Email)
- Security control frameworks (NIST, CIS, OWASP, AI RMF)
- CISSP or similar
- Applicable cloud vendor certifications