A Brief Overview
The Analyst, Info Security-Cloud will work to promote and ensure the security of the company and its customers' data through the rigorous application of tools and skills for the purpose of intrusion/breach prevention, threat hunting, and incident response for cloud focused infrastructure and resources. Will endeavor to maintain the tactical advantage against adversaries through continuous research, development, involvement in peer security groups, and the procurement of tools/services to fill gaps that are identified in our security posture. This Analyst role will be specifically focused on the maintenance, implementation, and maturity of the company’s Cloud infrastructure in a large enterprise environment.
What you will do

• Lead complex implementation projects.
• Manage vendor efforts in conjunction with project plans.
• Balance multiple projects and multiple tasks while meeting agreed upon objectives.
• Maintain documentation on an on-going basis of the security aspects of our network and applications; include documentation updates as an integral part of every project.
• Evaluate cloud security solutions for potential fit with company’s security requirements.
• Actively participates in the design, enforcement, and validation of cloud security policies for various cloud infrastructures.
• Work effectively with auditors in the evaluation of cloud security policies, procedures, and infrastructure.
• Provide input on various design topologies from a security perspective and identify the pros and cons of each approach.
• Stay up to date on emerging cloud vulnerabilities and take appropriate action to minimize the impact of these vulnerabilities on affected systems.
• Perform vulnerability assessments of various cloud hosts and networks using appropriate scanning tools.
• Consult on security aspects of software design and make recommendations.
• Troubleshoot cloud security-related problems; coordinate resolution with internal technical resources and vendors.
• Train other personnel on the company’s security policies and procedures; assist in the development of company-wide security training programs.
• Actively participate in all security-related strategic planning efforts.
• Monitor access to our cloud infrastructure to ensure that security policies have been implemented correctly and are functioning properly.
• Maintain knowledge of current technology and developing technology in the cloud security space.
• Mentor other personnel.
• Perform other duties and projects as assigned.
• Understand and comply with all provisions of the Safety in the Workplace policy.

Minimum Requirements

• Typically requires a bachelor's degree in related field and a minimum of 2 years of related experience.
• A combination of post-high school education, job related certification and related experience equivalent to 5 years may be considered in lieu of minimum requirements

Preferred Requirements

• Bachelor’s Degree in Computer Science or other technical field preferred

Knowledge, Skills, and Abilities

• Strong knowledge of Cloud Security Posture Management (CSPM)
• Strong knowledge of public cloud infrastructure such as AWS/Azure/GCP
• Working knowledge of Cloud Workload Protection (CWP)
• Understanding of compliance frameworks such as NIST, PCI, CIS
• Working knowledge of Endpoint Detection and Response solutions
• Working knowledge of cloud event logging and Security Information Event Management (SIEM) solutions
• Strong organizational skills
• Strong technical problem-solving skills
• Collaborate with cross-functional teams in order to implement security solutions
• Effectively communicate with individuals and business groups about their needs and ask the right questions related to the security of a product or vendor
• Strong understanding of LAN and WAN protocols, including TCP/IP, SNMP, DNS, and SMTP
• Understanding of application security and best practices
• Working knowledge of software defined networking and how it relates to cloud infrastructure
• Working knowledge of how security is implemented in equipment and on various host platforms; knowledge should include a good understanding of firewalls, packet filtering routers, and the security mechanisms implemented in various operating systems
• Good understanding of various security technologies including VPN's, IPSec, strong authentication methodologies, encryption, and digital certificates
• Working knowledge of various security tools including syslog analyzers, intrusion detection software, penetration scanning software, and host audit software
• Understanding of malware and how to detect and remediate infections
• Excellent writing skills to communicate information effectively to non-technical and technical stakeholders with the appropriate level of detail
• Strong understanding of incident response procedures

Working Conditions and Physical Requirements

• Frequently remains stationary throughout a typical business day
• Frequently operates a computer and other office machinery, such as a calculator, copy machine, and computer printer
• Occasionally moves about inside the office to access file cabinets, office machinery, and other rooms
• Occasionally positions self to access drawers and shelves of various heights
• Frequently reaches for and handles paperwork and files
• Constantly communicates with customers, coworkers, and management in-person and on the phone
• Must be able to exchange accurate information
• Provide after hours support (on-call)

Unison Systems Inc. is a full-service IT consulting firm that offers staffing, consulting, direct-hire recruiting and solutions delivery services. Core areas of service include: •Software Engineering •Data Management •Project/Program Management •Infrastructure & Support