Information Security Analyst (Cloud SOC)

The Cloud Information Security Analyst will be responsible for ensuring the security of the company's cloud assets and coordinating efforts with various stakeholders. They will collaborate with engineering, support, and company-wide teams to maintain security and compliance programs. The analyst will also provide recommendations for improving the platform's capabilities and monitor and protect the company's own environment. Required skills include experience in cloud security, vulnerability management, incident response, building and maintaining a Security Operation Center (SOC), and expertise in various security tools and technologies.

• Ensure the security of company assets, particularly in the cloud environment
• Collaborate with engineering, support, and company-wide teams to maintain security and compliance programs
• Share expertise with colleagues, stakeholders, and the community
• Provide recommendations for improving platform capabilities
• Monitor and protect the company's own environment
• Review and maintain cloud security posture, specifically in AWS/Azure
• Manage vulnerability, including risk classification, remediation, and false positive analysis
• Spot malicious activities and execute incident response tasks
• Build and maintain Security Operation Center (SOC) activities
• Set up security tools to automate recurring tasks
• Expertise in log management, security event correlation, DLP, EDR, SIEM, CSPM, CASB, etc.
• Experience with compliance and certification programs such as PCI, ISO 27001, and SOC 2 Type II
• Coordinate application security assessments, penetration testing, and network segmentation testing
• Analyze results and generate recommendations
• Proficiency in operating systems like Linux and Windows
• Understanding of technologies like K8s, Containers, CI/CD pipeline, and securing them
• Excellent attitude and experience in working effectively in a fast-paced, collaborative environment.

• 3-5 years of experience in a similar position
• Mandatory experience with reviewing and maintaining Cloud Security posture (AWS/Azure)
• Mandatory experience with vulnerability management, including risk-based classification, remediation, and false positive analysis
• Excellent skills in spotting malicious activities and executing incident response tasks
• Mandatory experience with building and maintaining SOC (Security Operation center) activities
• Experience in building/setting up security tools to automate recurring tasks
• Good expertise in Log Management, Security Event Correlation, DLP, EDR, SIEM, CSPM, CASB, etc.
• Experience with compliance and certification programs such as PCI, ISO 27001, and SOC 2 Type II
• Experience coordinating application security assessments, penetration testing, network segmentation testing, analyzing results, and generating recommendations
• Must be well-versed in operating systems such as Linux as well as Windows environments
• Must understand technologies like K8s, Containers, CI/CD pipeline, and be able to secure them
• Excellent attitude and demonstrated experience in working collaboratively and in a fast-paced environment.

• Competitive salary and benefits package
• Opportunity to work in a fast-paced and collaborative environment
• Chance to drive disruption in the Information Security industry
• Freedom to bring creative and thoughtful solutions to the table
• Opportunity to work with cutting-edge technologies like K8s, Containers, and CI/CD pipeline
• Ability to own security initiatives and deliver them in a timely manner
• Chance to improve overall security posture and find win-win solutions with stakeholders
• Support for professional development and growth through certifications
• Access to a global network of AppDirect-powered marketplaces
• Chance to work with top companies and brands in the digital economy