Security Analyst (W2 & Locals Only)

About this Position:

Job Title: Security Analyst

Essential Responsibilities:

• Perform threat identification and analysis of risks to the Agency Cloud environments.
• Conduct penetration testing and vulnerability assessments on Azure cloud infrastructure and applications.
• Provide input and feedback on cloud/hybrid architectures related to Security.
• Assist in the implementation and advancement of Continuous Monitoring and Incident Response processes and procedures.
• Assist in investigation and remediation of Compliance policy violations, security incidents and related issues.
• Investigate and remediate compliance policy violations, security incidents, and related issues.
• Serve as a Security Point of Contact for matters related to Securing Cloud Infrastructure.
• Consult on, and provide requirements for critical projects and initiatives.
• Create and maintain documentation for security processes and penetration testing results.
• Revise documents and artifacts as tactics and techniques evolve to address new and emergent threats and trends.
• Work with stakeholders to advance security efforts of the Agency Cloud Environments.
• Raise the awareness level of cloud security in the agency.
• Conduct Security Assessments to identify areas of risk and ensure gaps are remediated.
• Effectively communicate to management and business stakeholders the status of projects and issues as they relate to Cloud Security.
• Perform security posture assessments using Azure-native tools (Microsoft Defender for Cloud, Azure Security Center, etc.).

REQUIRED SKILLS:

• 5 years of Cyber Threat Monitoring, Detection, Response and Incident Handling.
• Knowledge of OWASP Top 10 and cloud-specific attack vectors.
• Experience with vulnerability management and remediation in cloud environments.
• 5 years of experience of I.T. working with Windows, Linux, Cloud technologies or Web-based applications.
• Hands-on experience with penetration testing tools (Burp Suite, Metasploit, Nmap, Kali Linux).

PREFERRED SKILLS:

• 3 years of experience with Cloud platforms (in order of preference) such as Microsoft Azure, Amazon Web Services (AWS) and/or GCP.
• Experience with Prisma Cloud, Dome9 or similar Cloud Security capabilities.
• Prior experience working with cloud security and governance tools, cloud access security brokers (CASBs), and Infrastructure as Code (IaC).
• Experience with designing and deploying an Inspection architecture in a Cloud Environment.
• Experience with full-stack deployment.

PREFERRED EDUCATION/CERTIFICATIONS:

• BS degree in computer science, information technology, engineering or similar discipline.
• Microsoft Certified: Azure Security Engineer Associate).
• COMPTIA CLOUD .
• Network security certifications.
• CISSP.
• AZURE SECURITY ENGINEER ASSOCIATE.

"No phone calls please."