Sr Cloud Security Analyst

Sr Cloud Security Analyst

The Sr Cloud Security Analyst plays a key role in advancing the organization’s cloud security program by helping to design, implement, and manage security controls across multi-tenant cloud infrastructure and applications. This position contributes to architectural decisions, integrates security tooling, and helps define standards that align with the organization’s long-term cloud strategy.

Key Responsibilities

• Design, implement, and maintain secure cloud foundations and landing zones with consistent governance across cloud providers, primarily AWS and Azure. Support migration initiatives from on-premises environments to the cloud.
• Develop and refine cloud security strategies, standards, and requirements aligned with industry best practices.
• Deploy and manage cloud security solutions, including CASB, Cloud Security Posture Management (CSPM), and other native cloud controls to enhance visibility and enforce policies.
• Manage cloud Identity and Access Management (IAM), including role-based access controls, service accounts, privileged access, and integration with enterprise identity providers.
• Collaborate with application teams, infrastructure engineers, and solution architects to build and operate secure, scalable cloud environments. Provide technical guidance throughout cloud adoption and modernization efforts.
• Partner with internal and external auditors to ensure compliance with regulatory requirements such as SOX and PCI.
• Evaluate and secure SaaS solutions to meet both business and security requirements, including standards for identity management, encryption, and responsible AI usage.
• Assess emerging cloud services, platform capabilities, and AI-related tooling for potential adoption.
• Provide Tier 3 support for cloud-related security incidents by working with Security Operations to investigate threats, validate detections, and remediate vulnerabilities.

Qualifications

• Bachelor’s degree in Computer Science, Information Systems, or a related field, or equivalent professional experience.
• 4–6 years of combined IT and security experience, including exposure to systems analysis, application development, and database management; with at least 2–4 years focused on information security.
• Relevant certifications such as Security and/or AWS security certifications are preferred.
• Strong understanding of security controls, risk management, and incident response processes.
• Demonstrated experience supporting compliance initiatives, including SOX and PCI.
• Solid knowledge of cloud platforms such as AWS and Microsoft Azure, including their core services and security capabilities.
• Hands-on experience with AWS services (e.g., EC2, S3, IAM, VPC, Lambda) and familiarity with containerized environments (e.g., Kubernetes).
• Experience with monitoring and observability tools such as CloudWatch, Prometheus, and Grafana.
• Proficiency with Infrastructure-as-Code (IaC) tools and practices (e.g., Terraform, repositories, CI/CD pipelines).