[Remote] Senior Cloud Security Analyst/Engineer

Note: The job is a remote job and is open to candidates in USA. CMA is a company focused on cloud security solutions, and they are seeking a Senior Cloud Security Analyst/Engineer to maintain and monitor security systems and respond to incidents. The role involves managing cloud security tools, analyzing security events, and providing recommendations to enhance security measures.

Responsibilities

• Maintain and monitor Network Intrusion Detection/Protection (IDS/IPS) rules
• Perform cloud security administration for Firewalls, Endpoint Protection tools, Windows & *nix patching tools
• SIEM: ability to create and manage cloud alerting events
• Experience with AI-enabled enterprise products such as Splunk or LogRhythm desired
• Configure or perform security event scanning, detection, and analysis using available tools and platforms
• Review, collect, analyze, and correlate malware and security events from network security tools and provide results and recommendations to management
• Correlate SIEM events for early warning, alerting, trends and prevention
• Analyze event data received to eliminate false positives and identify security events
• Conduct trend analysis of security events to identify anomalous malicious activity and related events
• Monitor and review cloud-based LDAP/Active Directory accounts
• Maintain and update security incident tickets within corporate ITSM
• Review and update assigned ITSM security tasks
• Open tickets for identified security events and incidents
• Manage assigned tickets by working with appropriate staff
• Assist with investigations into cloud security intrusions, events, incidents, or suspicious activities
• Monitor the cloud network and supporting systems to detect security compromise events
• Provide reports and updates to management as needed
• Incorporate input from N/SOC staff and external vendor personnel to validate potential cloud events and incidents
• Monitor various cyber security threat portals and other credible sources for cyber threat information
• Monitor security group mailbox for email alerts and user requests
• Provide reports and attend scheduled and ad-hoc meetings as necessary
• Provide network and security operations technical analysis, assessment, and recommendations to CMA staff and management as needed
• Provide cloud security threat prevention recommendations
• Provide enterprise-wide network systems and applications systems security log auditing or audit artifacts as needed
• Additional job duties as required

Skills

• Cloud SIEM familiarity (GCP SCC, Splunk)
• BCP/IR
• Endpoint detection & response (EDR) tools (Falcon, Symantec)
• Cloud Infrastructure security tools (GCP SCC, GCP Cloud Armor, AWS tools, IDS/IPS, FW, DNS)
• M365 familiarity (Entra, Azure, Email)
• Security control frameworks (NIST, CIS, OWASP, AI RMF)
• CISSP or similar
• Applicable cloud vendor certifications

Company Overview

Company H1B Sponsorship