|
Search Jobvertise Jobs
|
Jobvertise
|
Cloud Security & Governance Analyst Location: US-TX-Austin Email this job to a friend
Report this Job
Title: Cloud Security & Governance Analyst Location: REMOTE No. of Openings: 2 Duration: 6+ months Contract These are mid to senior level roles. Looking for Only W2/1099 candidates. No OPT/H1B/CPT. Accepting only GC/Citizens Required Experience - Conducting compliance assessments by understanding business objectives, structure, policies and procedures, internal controls, and external regulations
- Performing continuous readiness and remediation tracking of cloud services and applications compliance and risks for data protection audits
- Appling Identity Management, Secure Development, Asset and Configuration Management knowledge and expertise to prevention and built-in compliance design challenges
- Strong analytical and problem-solving skills are needed to perform the job of a Cloud Security and Governance Advisor
- Ability to establish and maintain effective working relationships with application teams, first and second-level cloud control leaders/owners, and internal/external partners
- Experience in security monitoring methods, log analysis and security remediation consultation for data protection methods, vulnerabilities in cloud and software-enabled technologies
- Should be familiar with relating cyber threats such as viruses, spoofing, ransomware, and malware to preventive and detection services configured as cloud controls
- Should be familiar with emerging security threats and their attack vectors in components that enable cloud-native services, container and identity access management technologies
- Must be self-motivated and can function as an effective team member with little supervision and work instructions
- Document system technical operations, manual and automated processes and controls using descriptive and risk-focused narratives
- Assess the effectiveness of process and management controls against cloud control requirements defined to maintain required access, data and privacy protections
- Identify and recommend business process changes resulting in strengthened procedural, detective, and logging controls
- Collaborate with control owners to implement process changes and track to completion
- Advise and collaborate on projects by providing DevSecOps controls expertise and considerations
- Apply Identity Management, Secure Development, Asset and Configuration Management knowledge and expertise to prevention and built-in compliance design challenges
- Perform continuous readiness and remediation tracking of cloud services and applications for an audit
- Guide control owners in establishing operational processes and controls for SaaS solutions operating in a cloud provider
Highlights - Act as escalation point from business teams and
- Primary skill Cloud Security Controls Remediation Advisor / Monitor
- Some background in general IT controls monitoring, AWS and Azure Clouds Preferred; Good to have SQL query language
- Communication is key consultative remediate status tracking and monitoring
Preferred Experience - Possess strong organizational skills, attention to detail, excellent verbal and written English communication skills
- Understanding of network protocols (TCP/IP v4/6, SSL/TLS, IPSEC, FTP, HTTPS etc.)
- Understanding of native cloud compute resources, landing zones and behaviour health metrics Web Server, database and Security (firewall/NIDS/NIPS) logs and log formats.
- Understanding of String Parsing and Regular Expressions.
- Experience with scripting languages such as python or PowerShell
Responsibilities Responsible for serving as a Tier 1 Cloud Security & Governance Analyst. Primary duties may include, but are not limited to: - Perform the detailed and repeatable execution of all operational tasks as documented in Cloud Security & Governance (CS&G) subordinate procedures.
- Monitor CS&G Outlook Inbox and Service Now on-platform team notifications for consults, cloud security exceptions and Remediation Status tracking to closure.
- Perform corrective consults triage cloud control gaps based on cloud security exceptions submissions to include determining cybersecurity risk, and potential business impact.
- Analyse and assess security mitigation statements / narratives and escalate to appropriate internal teams for additional assistance in a timely manner
- Update all relevant documentation such as tickets, remediations and.
- Identify impact of control deficiencies on systems, and using available tools determine if data was exfiltrated.
- Provide tuning recommendations based on findings from assessments or vulnerability and threat information reviews.
- Serve as experts for security/information assurance policy recommendations.
- Build relationships with other client business units to strengthen cloud controls rigors throughout the organization.
- Responsible for long term analysis and investigation into Client cloud activities, and the creation of custom logic to detect unique access to Client's information assets.
- Draft reports and/or briefings for events/incidents.
Miracles Tek LLC
|