Cloud Security Analyst
Job title
Cloud Security Analyst
Job description
We are currently recruiting for a Cloud Security Analyst to work with internal security tools and outsourced SOC to investigate security alerts and provide incident response duties across PaaS & SaaS environments. You will ensure security measures and controls to protect and monitor systems is operational and effective, as well as, identifying potential configuration weaknesses & vulnerabilities and work with IT colleagues to implement remediation measures in line with IT operational procedures.
As the Cloud Security Analyst you will work with the IT Security Manager to help assess proposed changes to controls against best practice and organisational risk appetite and provide a point of contact for end-user and Service Desk enquiries relating to Cloud Security matters.
You will be:
- Responsible for managing all cyber security incidents raised by the Service Desk, SOC, or any security tools and ensuring all incident information is captured.
- Produce risk assessments for any ongoing threats or vulnerabilities which may exist post-incident.
- Monitor security tools for effectiveness and suggest any remedial action necessary to maintain their effectiveness.
- Creating and maintaining information security operational runbooks.
- Taking part in security testing and liaising with other IT teams for resources where required.
- Assist with the production and maintenance of IT Security policies, processes and procedures.
Skills:
Essential:
- Previous experience in Cyber Security incident response, engineering and design or governance.
- In depth knowledge of networking and network security technologies within a cloud context, cloud-based security controls such as email/web filtering, conditional access, PAM & IAM, SIEM and Log monitoring/management.
- In depth knowledge of Microsoft’s suite of cloud technologies and security tools
- Good knowledge of Cloud security & governance best practice.
- Able to work under own initiative, with minimal supervision.
- Strong relationship management with technical teams.
- Ability to solve security-related technical problems and implement innovative solutions
- Manage root cause analysis reviews, ensuring improvement plans are documented and managed through to completion
- Able to review output from security tools to build an analytical picture of a security incident.
- Excellent analytical skills; the ability to view a problem from different angles
- Proven ability to provide technical advice, leadership, and direction to more junior IT Staff
- Strong in risk and issue management to enable IT security and other IT teams to work symbiotically.
- Apply a continuous improvement process, learning from completed work where to improve efficiency and the value of the IT security function.
- Able to build effective relationships and manage internal and external stakeholders
Desirable:
- Understanding of compliance requirements such as ISO27001.
- Experience with using and integrating vulnerability assessment tools in a cloud environment
- Microsoft Cloud Security qualification
If you feel you have the skills and experience needed for this position please do apply now.