Security Operations Analyst
Cority
full-time
Posted on:
Location Type: Hybrid
Location: California • United States
Visit company websiteExplore more
About the role
- Monitor, assess, and maintain security controls within cloud environments
- Responsible for oversight of the vulnerability management program, including penetration testing, participating in reviews of vulnerability and security log reports, creation of mitigation actions and remediation plans, and tracking/monitoring to completion
- Manage the overall Security Awareness program for Cority, including annual training, quarterly phishing campaigns
- Participate in vendor management process, and customer audit process
- Liaise with CloudOps team to manage cloud security using security best practices and frameworks
- Participate in the design and implementation of security for all cloud environments
- Monitor, assess, and maintain security controls within cloud environments to safeguard data systems
- Leverage security tools within the cloud to proactively identify security threats, analyse root causes of security violations, and recommend corrective actions
- Integrate cloud security technologies with existing toolsets such as SIEM, EDR, and IAM solutions
- Serve as a cloud-security subject matter expert to support CloudOps, Enterprise IT, and risk analysis programs by performing, analysing, and documenting
- Ensure that all cloud tool sets and their integrations are properly maintained to meet stated policies, audit requirements and industry best practices
- Identify and maintain KPIs and other metrics that show the effectiveness of the program
- Provide Security Incident Response support and participate in the development of business cases and presentations on cloud security technologies
- Apply knowledge of the above skill areas to assist with the GRC program
Requirements
- Minimum 5+ years of Information Security experience
- 3+ years of implementing cloud security for cloud infrastructures such as Azure and AWS.
- 3+ years of experience managing security within the Amazon Web Services (AWS) environment
- Current knowledge and thorough understanding of Information Security issues, threats and trends
- Demonstrated knowledge in the areas of risk assessment, strong understandings of secure communications, secure data storage, secure systems development, secure systems deployment and documentation
- Demonstrated understanding of the real-world application of security and risk frameworks including ISO/IEC 27001, SOC 2 Type 2, NIST and FedRAMP (ISO42001 is an asset)
- Assets: CISSP, CCSP, CISA, or other relevant industry related certifications
- Experience with ELK, AI, FedRAMP, GitLab
Benefits
- An opportunity to work in a values-driven, performance oriented, dynamic and growth focused culture
- We support a remote working environment with a one-time home office allowance and subsidized monthly internet allowance
- Competitive health benefits, dental plans, and retirement savings plan (RRSP, 401K plan etc.)
- Annual fitness allowance
- Mental health support provided through access to Calm Premium meditation app and access to Talkspace
- Access to Udemy, internal training programs, annual training allowance and certifications (if applicable), and High Talent Programs
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cloud securityvulnerability managementpenetration testingrisk assessmentsecure communicationssecure data storagesecure systems developmentsecure systems deploymentsecurity incident responseKPI tracking
Soft Skills
communicationleadershiporganizational skillsanalytical skillsproblem-solving
Certifications
CISSPCCSPCISAISO/IEC 27001SOC 2 Type 2NISTFedRAMP