Senior Cloud Security Analyst/Engineer

Remote Full-time
About the position

Maintain and monitor Network Intrusion Detection/Protection (IDS/IPS) rules.
Perform cloud security administration for Firewalls, Endpoint Protection tools, Windows & nix patching tools.
SIEM: ability to create and manage cloud alerting events. Experience with AI-enabled enterprise products such as Splunk or LogRhythm desired. Configure or perform security event scanning, detection, and analysis using available tools and platforms. Review, collect, analyze, and correlate malware and security events from network security tools and provide results and recommendations to management. Correlate SIEM events for early warning, alerting, trends and prevention. Analyze event data received to eliminate false positives and identify security events. Conduct trend analysis of security events to identify anomalous malicious activity and related events.
Monitor and review cloud-based LDAP/Active Directory accounts.
Maintain and update security incident tickets within corporate ITSM. Review and update assigned ITSM security tasks. Open tickets for identified security events and incidents. Manage assigned tickets by working with appropriate staff.
Assist with investigations into cloud security intrusions, events, incidents, or suspicious activities. Monitor the cloud network and supporting systems to detect security compromise events. Provide reports and updates to management as needed.
Incorporate input from N/SOC staff and external vendor personnel to validate potential cloud events and incidents.
Monitor various cyber security threat portals and other credible sources for cyber threat information.
Monitor security group mailbox for email alerts and user requests.
Provide reports and attend scheduled and ad-hoc meetings as necessary. Provide network and security operations technical analysis, assessment, and recommendations to CMA staff and management as needed. Provide cloud security threat prevention recommendations.
Provide enterprise-wide network systems and applications systems security log auditing or audit artifacts as needed.
Additional job duties as required.

Responsibilities
• Maintain and monitor Network Intrusion Detection/Protection (IDS/IPS) rules.
• Perform cloud security administration for Firewalls, Endpoint Protection tools, Windows & nix patching tools.
• SIEM: ability to create and manage cloud alerting events.
• Configure or perform security event scanning, detection, and analysis using available tools and platforms.
• Review, collect, analyze, and correlate malware and security events from network security tools and provide results and recommendations to management.
• Correlate SIEM events for early warning, alerting, trends and prevention.
• Analyze event data received to eliminate false positives and identify security events.
• Conduct trend analysis of security events to identify anomalous malicious activity and related events.
• Monitor and review cloud-based LDAP/Active Directory accounts.
• Maintain and update security incident tickets within corporate ITSM.
• Review and update assigned ITSM security tasks.
• Open tickets for identified security events and incidents.
• Manage assigned tickets by working with appropriate staff.
• Assist with investigations into cloud security intrusions, events, incidents, or suspicious activities.
• Monitor the cloud network and supporting systems to detect security compromise events.
• Provide reports and updates to management as needed.
• Incorporate input from N/SOC staff and external vendor personnel to validate potential cloud events and incidents.
• Monitor various cyber security threat portals and other credible sources for cyber threat information.
• Monitor security group mailbox for email alerts and user requests.
• Provide reports and attend scheduled and ad-hoc meetings as necessary.
• Provide network and security operations technical analysis, assessment, and recommendations to CMA staff and management as needed.
• Provide cloud security threat prevention recommendations.
• Provide enterprise-wide network systems and applications systems security log auditing or audit artifacts as needed.
• Additional job duties as required.

Requirements
• Cloud SIEM familiarity (GCP SCC, Splunk)
• BCP/IR
• Endpoint detection & response (EDR) tools (Falcon, Symantec)
• Cloud Infrastructure security tools (GCP SCC, GCP Cloud Armor, AWS tools, IDS/IPS, FW, DNS)
• M365 familiarity (Entra, Azure, Email)
• Security control frameworks (NIST, CIS, OWASP, AI RMF)

Nice-to-haves
• Experience with AI-enabled enterprise products such as Splunk or LogRhythm desired.
• CISSP or similar
• Applicable cloud vendor certifications

Apply tot his job

Apply To this Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Backend / Systems Engineer (AI) - San Mateo, CA

Remote

APx Sourcing & Procurement Specialist

Remote

Application Specialist

Remote

Senior Manager-Client Management

Remote

**Experienced Customer Service Representative – Pet E-commerce Retailer**

Remote

Experienced Customer Service Representative – Delivering Exceptional Remote Support to careerzynith Clients

Remote

Sales Representative must have a P&C license

Remote

Remote Healthcare Talent Acquisition Specialist

Remote

Remote Sales Representative -Entry Level Full Time & Part Time

Remote

Online Data Entry Administrative

Remote
← Back