Job Title: Security Senior Analyst – Cloud Security
Location: Irving, Texas
Remuneration: $150k – $180k
The ICG Technology Information Security department of our client is looking to add a Sr Cloud Security Analyst to its team. As Senior Security Analyst – Cloud Security, you will review the most critical applications and their technology stack from top to bottom. Therefore, in depth subject matter expert knowledge of application security is required, with thorough understanding of infrastructure and network security in context of Cloud deployment.
- Engage in the initial requirements definition (including analysis of threats and risks and alignment with the company’s IS and Architecture standards) for internal and public Cloud usage.
- Work with the development teams and SaaS vendors to assess the security guardrails for secure deployment of applications in private and public Cloud.
- Conduct security assessment of Cloud deployment projects, to ensure security gaps are identified and recommend remediation actions.
- Plan the resolution of any identified vulnerabilities/issues and govern them for closure
- Manage multiple security reviews of application deployments in Cloud including responsibility for driving requirements definition and risk analysis.
- Provide SME support to projects and programs.
- Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
- Lead and /or contribute to ad-hoc requests and projects as required
- Act as subject matter expert on Application Information Security and Cloud security topics during Audit meetings
- Identify opportunities for process improvement
- Alignment of processes across regions and globally, where possible
- Participation in Corporate and ICG-level working groups
- Ideally candidate who has worked in the financial sector, with 10+ years of experience in Information Security domain, with at least 5+ years of experience as application security consultant / security architect, with focus on assessing secure deployment of SaaS applications.
- Must have SME level knowledge of security guardrails for deploying applications in SaaS and public Cloud environment.
- In depth understanding of public Cloud and application architectures and technologies
- Thorough understanding of industry and corporate technology standards for Information and Application Security
- Strong understanding of information security and risk analysis processes, including threat modeling.
- Bachelor’s degree with industry certification such as CISSP, CCSP, and other vendor certification are highly preferred.