Overview
The Cloud Security Analyst works within the Carter Center Information Technology (IT) Team to evaluate, implement, and monitor security controls for cloud services, primarily associated with Microsoft Azure. The position is responsible for optimizing application monitoring and network threat detection, event analysis and correlation, and incident response activities; automating the secure design and deployment of cloud-based resources and endpoints; and developing secure migration procedures for transferring and storing data in the cloud environment.
FORMAL JOB DESCRIPTION:
The Cloud Security Analyst works within The Carter Center IT Team to evaluate, implement, and monitor security controls for cloud services, primarily associated with Microsoft Azure.
Responsible for optimizing application monitoring and network threat detection, event analysis and correlation, and incident response activities; automating the secure design and deployment of cloud-based resources and endpoints; and developing secure migration procedures for transferring and storing data in the cloud environment.
Maintains and monitors the security of cloud infrastructure using Intrusion Prevention Systems (IPSes), Anomaly Detection Systems (ADSes), rule-based network flow appliances like WAFs, conditional access rules, compliance policies and other tools to detect potential vulnerabilities, prevent active malicious activity and recover from security incidents.
Establishes and supports standard incident containment, digital forensics, and other security procedures to limit the impact of security incidents.
Queries and correlates events from source devices and activity logs using Python-based regular expressions, a query language like KQL or SQL, and data analysis techniques like filters, joining and pivoting.
Captures security incident details, prepares reports and reviews meetings, and plans and participates in periodic tabletop exercises.
Supports and provides guidance to the security architecture, including identity and access management (IAM), virtual private networks (VPNs), wireless access points, backup/recovery technologies and procedures, data storage and transfer, application and service hardening, and endpoint configuration compliance.
Supports troubleshooting activities for managed applications and devices as needed by the IT Team.
Provides assistance regarding information security matters such as the interpretation of information security policies and requirements or their applicability to specific situations.
Supports, maintains, monitors, troubleshoots, and enhances security infrastructure tools, methodologies, software, and hardware across Carter Center sites.
Drafts and reviews information security policies, processes, and procedures.
Determines and documents information security requirements and controls necessary for the protection of information resources.
Supports and trains IT managers in effective security operations as they are formalized.
Supervises interns or contractors as needed, and must be able to work effectively within the IT Team and across different departments and country offices.
Maintains professional growth and development of self by identifying educational/training programs, professional organizations, activities, and resources to maintain knowledge of international security trends and to promote leading edge expertise.
May travel and perform other related responsibilities as required.
Hostile Environment Awareness Training (HEAT) may be required for certain travel locations.
MINIMUM QUALIFICATIONS:
A bachelor’s degree in Cybersecurity or Digital Forensics and two years of relevant IT cloud experience which includes security analyst/support and knowledge of cybersecurity frameworks, OR an equivalent combination of education, training, and/or experience. CompTIA Cybersecurity Analyst (CySA+), GIAC Security Essentials (GSEC), EC-Council Certified Ethical Hacker (CEH) or equivalent certification is a plus.
PREFERRED QUALIFICATIONS:
Familiarity with common cybersecurity frameworks, including NIST CSF, CIS Controls, CSA Cloud Controls Matrix, OWASP Top 10, and MITRE ATT&CK CSA Certificate of Cloud Security Knowledge (CCSK), (ISC)2 Certified Cloud Security Professional (CCSP), Microsoft Certified: Security Operations Analyst Associate, and/or Microsoft Certified: Azure Security Engineer Associate certifications.
Familiarity with Windows, Linux, and MacOS authentication mechanisms and log configuration and monitoring. Experience securing and monitoring SaaS, IaaS and PaaS resources in Microsoft Azure and Microsoft 365.
Familiarity with the configuration and deployment of cloud-based security appliances and event monitoring systems, such as Microsoft Sentinel, Microsoft Defender for Cloud, Application Insights, Azure Monitor, and Azure Application Gateway.
Experience with log analysis, event correlation, incident management, mobile device management, service and protocol hardening, application deployment and configuration, penetration testing, and vulnerability assessment.
Applicants must be currently authorized to work in the United States for any employer.
NOTE: This role will be granted the opportunity to work from home regularly but must be able to commute to The Carter Center on a flexible weekly schedule based upon business needs. Schedule is based on agreed upon guidelines. The Carter Center reserves the right to change remote work status with notice to employee.