HMH

Senior Information Security Analyst

HMH

full-time

Posted on:

Location Type: Office

Location: MH • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

AngularAWSAzureCloudGoogle Cloud PlatformJavaKubernetesMicroservicesNode.jsPythonReactSDLCSplunkSpringTerraform

About the role

  • Design and implement secure cloud architectures (AWS, Azure, GCP).
  • Secure services like IAM, VPC, S3, KMS, and containerized environments.
  • Develop and enforce cloud security policies and golden images.
  • Implement encryption strategies and monitor environments using tools like ORCA, SIEM, CSPM, CWPP.
  • Ensure compliance with GDPR, HIPAA, SOC 2, PCI DSS, ISO27001, and SOX.
  • Collaborate with Engineering, DevOps, Legal, and Risk teams.
  • Automate security workflows using Python, Java, PowerShell, Bash.
  • Lead application security remediation and incident response.
  • Address OWASP vulnerabilities and conduct forensic investigations.
  • Perform vulnerability assessments using SAST, DAST, IAST, RASP, WAF.
  • Advocate for secure SDLC practices and developer training.
  • Monitor cloud and on-prem infrastructure for security threats.
  • Support and implement controls for third-party attestations.

Requirements

  • 5+ years in cloud security, application security, and infrastructure management.
  • Strong scripting and automation skills (Python, PowerShell, Shell/BASH, Terraform).
  • Proficiency in web development frameworks (React, Angular, NodeJS, Spring, MVC, HTML, CSS).
  • Experience with vulnerability tools (SAST, DAST, IAST, RASP, WAF).
  • Familiarity with Kubernetes, microservices, DevSecOps tools.
  • Understanding of encryption, authentication, and IAM.
  • Experience with SIEM tools (Datadog, Splunk, Sumo Logic, Kibana).
  • Knowledge of AI/ML and automation in security workflows.
  • Strong communication and stakeholder engagement skills.
Benefits
  • Competitive salary
  • Flexible working hours
  • Professional development budget
  • Home office setup allowance
  • Global team events

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cloud securityinfrastructure managementscriptingautomationencryptionvulnerability assessmentweb developmentDevSecOpsIAMmicroservices
Soft skills
communicationstakeholder engagementleadership
Certifications
GDPRHIPAASOC 2PCI DSSISO27001SOX