Cloud Security Analyst

Overview

This is a contract to hire opportunity.

The Cloud Security Analyst will support the organization’s cloud security program by helping design, implement, and operate security controls across multi-tenant cloud-based infrastructure and applications. This role will contribute to architecture decisions, security tooling integration, and the development of security standards that support the organization’s long-term cloud strategy.

Responsibilities

• Design, implement, and maintain secure cloud foundations and landing zones with transferable governance across cloud providers, primarily in AWS & Azure. Support cloud migration projects from on-premises environments.
• Design and develop cloud security strategy, standards and requirements alongside security best practices.
• Deploy and manage cloud security technologies such as CASB, cloud security posture management (CSPM), and other cloud-native security controls to improve visibility and enforce security policies across cloud environments.
• Govern cloud identity and access management (IAM) including role-based access controls, service accounts, privileged access management, and integration with enterprise identity providers.
• Work closely with application teams, infrastructure engineers, and solution architects to design, build, and operate secure, scalable cloud platforms. Provide technical guidance throughout cloud adoption and modernization efforts.
• Work with both internal and external auditors to ensure compliance with all relevant regulations including, but not limited to, SOX and PCI.
• Securely guide SaaS solutions to meet security and business requirements, ensuring compliance with cloud security, identity management, encryption, and responsible AI guidelines.
• Evaluate new cloud services, platform capabilities, and AI infrastructure tooling for adoption.
• Provide Tier 3 support for cloud-related security incidents, partnering with Security Operations to investigate suspicious activity, validate detections, and remediate security issues within cloud platforms.

Must Have

• Preferred certifications include Security+ or relevant security-AWS certifications.
• Bachelor’s Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience.
• Typically has 4 to 6 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and administration; 2 to 4 years of experience with information security.
• Must be familiar with general security controls and incident management.
• History of ensuring compliance with both SOX and PCI.
• Articulate and maintain a solid understanding of various technology capabilities present in Amazon Web Services (AWS), Microsoft Azure, or other similar providers.
• Knowledge of "AWS" Platform preferably 2+ years AWS/Kubernetes experience or container-based technology.
• Strong hands-on experience with AWS services (EC2, S3, IAM, VPC, Lambda, etc.).
• Familiarity with monitoring tools (CloudWatch, Prometheus, Grafana).
• Hands-on knowledge of an Infrastructure-as-Code and associated technologies (e.g., repos, pipelines, Terraform, etc.).

Nice to Have

• Self-starter with ability to multitask and strive in a fast-paced, high volume environment.
• Ability to think analytically and approach matters in a solution-oriented manner.
• High-level of written and verbal communication skills.
• Strong organizational skills with excellent attention to detail.