Staff CyberSecurity Analyst

Southern Glazer’s Wine and Spirits, LLC, Addison, TX

About The Position

The Staff Cybersecurity Analyst, Cloud Security plays a pivotal role in safeguarding the organization's cloud assets by leveraging advanced security tools and methodologies. This position involves conducting comprehensive cloud service and infrastructure assessments to identify and address policy deviations and investigating sophisticated security events to mitigate threats. The Staff Cybersecurity Analyst, Cloud Security is responsible for developing and implementing robust security integrations, managing complex operations, and maintaining system security. This role leads cloud incident response efforts, performs in-depth cloud vulnerability assessments, and conducts thorough risk assessments. Additionally, the Staff Cybersecurity Analyst, Cloud Security communicates cybersecurity improvements and provides strategic recommendations for informed risk management decisions. This position requires applying advanced concepts and practices to complete high-complexity assignments, coordinating work on multiple or cross-functional initiatives, and providing direct and indirect leadership within the team. The Staff Cybersecurity Analyst, Cloud Security ensures SGWS’s cloud security posture remains robust and effective through proactive measures and strategic oversight.

Requirements

  • Bachelor’s degree in related field (e.g., Cybersecurity, Computer Science, Computer Engineering, Information Technology, System Analysis, Business, etc.) or equivalent combination of education and work experience.
  • 8+ years of experience in IT/network security/cybersecurity with cloud focus.
  • Extensive experience in information risk concepts and principles, as a means of relating business needs to security controls.
  • Proficiency in advanced cloud security tools, technologies (e.g. CSPM, WAF) and best practices.
  • Expertise in network security protocols and practices.
  • Strong understanding of cloud security controls, conceptual models, and frameworks to monitor security posture and enhance security features.
  • Solid knowledge of current and emerging technologies.
  • Proficiency with security frameworks (e.g., NIST, ISO, etc.).
  • Experience in DevOps and Agile technology environments.
  • Proven experience in working with multiple, diverse technologies and processing environments.
  • Native-level proficiency or fluency in English.

Nice To Haves

  • Advanced Information Security Certifications, e.g., CISSP, etc.
  • Advanced Cloud Certifications and/or specialties, e.g., AWS Security Specialty, AWS Certified Solutions Architect, etc.
  • Extensive experience in the development and implementation of cloud security strategies, policies, and procedures.
  • Demonstrated problem-solving skills to anticipate, identify, and define problems and root causes.
  • Proven ability to manage several projects simultaneously, while balancing multiple stakeholder priorities.
  • Ability to educate various personnel regarding information security compliance, policies, and standards.
  • Knowledge of containerization technologies, such as Docker and Kubernetes, and how to secure applications within those environments.
  • Ability to monitor and report status on security matters to develop security risk analysis scenarios and response procedures.
  • Experience with security information and event management (SIEM) systems.
  • Knowledge and application of advanced threat detection and mitigation techniques.
  • Experience with diagramming tools (e.g. Visio, Miro, draw.io).
  • Experience with automation scripting (e.g. Python, PowerShell, Bash).
  • Experience with SaaS Security Posture Management (SSPM) platforms.

Responsibilities

  • Lead service, system, and infrastructure assessments of major cloud environments to identify deviations from acceptable configurations or policies.
  • Work with internal and external teams to develop cloud-specific security policies, procedures, standards, guardrails and design security controls for IaaS, PaaS, and SaaS.
  • Work with developers to respond to escalated problems from System Administrators or other Engineers.
  • Maintain comprehensive documentation, understand and practice operating procedures, playbooks and other cloud security-related activities.
  • Monitor, track, and mentor on cloud projects, programs, tools, systems, applications and networks for security issues.
  • Regularly review Cloud Security Posture Management (CSPM) and Endpoint Protection findings to identify and address infrastructure configuration issues and security vulnerabilities proactively.
  • Utilize CSPM solution to monitor and manage the configuration of infrastructure-as-code (IaC) frameworks, ensuring strict adherence to established security standards and policies.
  • Collaborate with cross-functional teams to integrate security into the CI/CD pipelines and ensure continuous security throughout the software development lifecycle.
  • Implement, manage, and maintain a Web Application Firewall (WAF) to protect web applications and APIs from a variety of online threats.
  • Lead security assessments, evaluations and audits to determine compliance with published standards.
  • Collaborate with external teams to promptly address and resolve cybersecurity incidents, ensuring effective communication and coordinated response efforts.
  • Hypothesize & validate new threats and indicators of compromise.
  • Identify cyber threats by monitoring security systems, triaging alerts, and reviewing logs.
  • Research, analyze, and document the applicability and feasibility of Cyber technology to enhance SGWS security.
  • Ensure all operations are in accordance with operating procedures and report any issues to management.
  • Provide guidance on security options and decisions for concerns and violations.
  • Develop and support report generation for diverse stakeholders in Excel or other tools.
  • Participate in Information Security projects and support team efforts for day-to-day operations.
  • Provide technical support for routine security services.
  • Perform capacity and future growth planning of the enterprise security infrastructure to ensure a highly available security environment.
  • Administer cybersecurity technologies and ensure monitoring systems operate normally, escalating issues to management as needed.
  • Troubleshoot and evaluate risk management processes; assess and mitigate risks.
  • Apply laws, regulations, policies and ethics in daily practice.
  • Occasionally participate in after-hours work in the event of emergencies or critical situations.
  • Employ strong creative, critical thinking and in-depth hands-on cloud experience to effectively identify, mitigate, and respond to security risks within complex, real-world cloud environments.
  • Maintain awareness of emerging cloud threats to proactively defend against evolving attack vectors and ensure a resilient security posture in dynamic cloud environments.
  • Advanced knowledge of all cloud security pillars, including Identity and Access Management (IAM), Data Encryption and Protection, Network Security (firewalls), Infrastructure/Workload Protection (virtual machines, containers, and serverless functions), and Incident Response and Recovery.

Benefits

  • comprehensive medical and prescription drug coverage
  • dental and vision plans
  • tax-saving Flexible Spending Accounts
  • disability coverage
  • life insurance plans
  • a 401(k) plan
  • tuition assistance
  • a wellness program
  • parental leave
  • vacation accrual
  • paid sick leave