Cloudaction AWS Cloud Security Analyst in Houston, Texas
The AWS Cloud Security Analyst will work closely with the architects, infrastructure teams, developers, and business unit stakeholders to create, update, and maintain internal policies and documentation. This role will also require you to continually stay up to date on zero days, CVEs, NVD reports, widespread attack vectors, and mitigation controls by reading applicable blogs by SANS, Cisco Talos teams, and other industry recognized sources.
As part of your daily operational work, you will review current and historical alerts, potential indicators of compromise, and exposure to new threats being discovered in the wild. You can never predict how attackers will attempt to compromise an environment, so you must be able to decipher information from various types of tools including AWS security solutions, infrastructure monitoring and management, performance management, etc. You will review all sources of information including APM and billing reports to identify usage anomalies which may indicate zero day or otherwise unexpected attacks already in the wild. Your analysis should include evaluating false positives as well as false negatives.
5+ years hands-on experience as a cloud security analyst
Thorough understanding of security principles and controls such as CSA Cloud Controls Matrix (CCM) which incorporates
Participated in internal company and 3rd party audits such as FedRAMP ATO, SOX, etc.
Contributed to multiple Disaster Recovery and Business Continuity exercises for an HA Cloud application. Subsequent to the exercise, participated in the post-mortem discussion, documented lessons learned, identified weaknesses that can be corrected, and noted which components cannot yet be fully tested. Incorporated all identified problems in detection and mitigation strategy as appropriate.
Solid understanding of security requirements and implementation approach from other teams such as network, DBA, Windows sysadmin, Linux sysadmin, application development, other infosec teams, legal, compliance, and risk management.
Familiarity with open source and commercial tools to evaluate, test, monitor, and correct security coverage and identified gaps.
Must be able to identify attack vectors leveraging obfuscated code
Python, Perl, bash, SQL, and PowerShell scripting knowledge for in-depth analysis of any data input requiring more extensive correlation via ETL processes.
Comprehension of supply chain management dependency issues to validate that third-party components are kept up to date, as many attacks are occurring via this channel.
Nice to have skills: familiar with BMC Helix Cloud Cost and BMC Helix Cloud Security
AWS Certified SysOps Administrator - Associate
AWS Certified Security - Specialty
GIAC Critical Controls Certification (GCCC)
GIAC Defensible Security Architecture (GDSA)
(ISC)² Certified Cloud Security Professional (CCSP)
(ISC)² CISSP Information Systems Security Architecture Professional Concentration (CISSP-ISSAP)
ISACA Cybersecurity Practitioner Certification (CSX-P)
OSCP Certified Professional
OSEP Experienced Penetration Tester
ITIL v3 or ITIL 4
Cloudaction is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, national origin, age, marital status, disability, veteran status, genetic information or any other basis protected under applicable discrimination law.