CrowdStrike

Cloud Security Consultant

CrowdStrike

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Job Level

Mid-LevelSenior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud PlatformPython

About the role

  • The Cloud Security Consultant would be responsible for identifying and assessing technical risks, while providing meaningful and prioritized recommendations to enhance the security posture of cloud environments.
  • Perform technical analysis looking for risky configurations, attack paths, and architectural flows that may expose cloud resources to cyber threats.
  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to security stakeholders.
  • Contribute to tool development and methodologies to continuously improve and evolve service offerings.

Requirements

  • Cloud Knowledge: An intermediate-level understanding of one or more of cloud platforms (AWS, Azure, and GCP), with a specific emphasis on identity, security, networking, compute, serverless, and storage services.
  • Architecture: Fundamental knowledge of cloud architecture and design principles, including security and resiliency considerations.
  • Logging & Monitoring: An understanding of logging, monitoring, and alerting to detect unauthorized access to cloud resources.
  • Automation: An ability to create search queries and dashboards in analytics platforms and write automation scripts in Python or another scripting language.
  • Protocols: Knowledge of API authentication and authorization, including identity protocols, such as OAuth, SAML, and OpenID Connect.
  • Configuration Analysis: Hands-on experience reviewing cloud security configurations, including configuration chaining and attack path mapping.
  • Communication: Strong ability to communicate analysis findings to clients, including technical and executive audiences, and legal counsel. Experience/training in the topics below is beneficial but not essential for consideration:
  • Cloud Incident Response: knowledge in AWS, Azure, M365, or GCP incident response methodologies.
  • DevSecOps: Familiarity with modern cloud workloads and deployment models - DevSecOps, CICD pipelines, containers, and related security defenses and pitfalls. Additionally, all candidates must possess the following qualifications:
  • Capable of completing technical tasks without supervision.
  • Desire to grow and expand both technical and soft skills.
  • Strong project management skills.
  • Contributing thought leader within the cloud security/incident response industry.
  • Ability to foster a positive work environment and attitude. Education/Certifications: BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered. Holders of a CISSP, CISA, CISM, CCSP, or any practitioner or security certifications in AWS, Azure and GCP or other cloud/SaaS platforms may be considered in lieu of or in addition to a degree.