Cloud Security Ops Analyst

About The Position

Requirements

• Legally authorized to work in the United States
• 3 or more years of Information Technology experience
• 1 or more years of experience with major cloud providers, either Azure or AWS
• 1 or more years of experience with working with IT security controls, their design, implementation, or operation
• Willing and able (with or without reasonable accommodation) to work in a distributed/remote team environment where team members may be in different physical locations and time zones

Nice To Haves

• Bachelor’s degree or higher in Information Security, Computer Science, Information Technology, Management Information Systems, other related business field, other related technical field, or foreign equivalent
• Relevant certifications (e.g., CCSP, CISSP, AWS Certified Security Specialty) are highly desirable
• Experience in securing IT systems in cloud-based architectures and corporate environment
• Experience in implementing CI/CD and automation
• Understanding of IT development practices and languages
• Familiarity with regulatory frameworks (e.g., GDPR, HIPAA, PCI DSS) and cloud security standards (e.g., NIST, ISO/IEC 27017)
• Hands-on experience supporting or administering a cloud security policy platform
• Experience with cloud security tools (Wiz, etc.), monitoring solutions, risk assessment methodologies, and cloud security policy platforms
• Ability to analyze complex technical concepts and translate them into effective policies and procedures
• Experience with audits against security controls
• Good analytical skills / problem solving
• Very good communication, listening and teaching skills
• Ability to work with limited direction
• Project management experience in cloud security initiatives

Responsibilities

• Design automated security and compliance controls including Cloud Architecture, Engineering, Security Engineering and IT Security
• Review new incoming cloud services for shift-left and guard-right security controls to be implemented
• Periodically review existing cloud services for controls to be adjusted/created/retired
• Monitor, report and assign actions to responsible teams as outcomes of cloud security scans from Wiz, Azure Security Center, Amazon GuardDuty, Cloud Custodian, etc.
• Troubleshooting, diagnosing and fixing issues with existing security controls in conjunction with respective teams
• Staying current on security issues impacting cloud services, assessing impact to customers of existing services and identifying use cases for new security solutions
• Manage the review of identified security exceptions/deviations in conjunction with Cloud Architecture
• Provide guidance and training to staff on cloud security best practices and policy adherence
• Enabling the advancement of the cloud vision and strategy for ConocoPhillips

Benefits

• Medical, dental, vision, mental health support, and wellness programs.
• Competitive base pay, annual performance bonuses, and retirement savings plans.
• Paid time off, paid parental leave, and family support resources.
• Access to training, mentoring, and internal career mobility tools.
• Peer-nominated awards, inclusive culture, and employee resource groups.