Cloud Security Analyst (IGT1)

We are seeking a Cloud Security Analyst with 2–3 years of hands-on AWS Cloud Engineer or Cloud Operations experience who has moved into (or is moving into) cloud security. This role requires someone who has worked directly in AWS production environments and can apply that operational knowledge to identify, analyze, and remediate security risks using modern cloud security tools.

This is not an entry-level security role and not a penetration testing position. The role is focused on cloud security operations (SOC-style), ownership of findings, and driving remediation.

Key Responsibilities

• Monitor and analyze cloud security posture across AWS environments using:
  • Upwind (CSPM)
  • AWS Security Hub
  • AWS GuardDuty
  • AWS Inspector
• Monitor and respond to endpoint and workload security alerts using SentinelOne
• Identify, assess, and track:
  • CVEs
  • IAM misconfigurations
  • Cloud infrastructure security risks
• Logically analyze and triage security alerts/events and determine appropriate response and escalation
• Drive remediation of security findings by working directly with Cloud Engineering, DevOps, and Operations teams
• Apply hands-on AWS operational knowledge to recommend practical, implementable security fixes
• Maintain clear documentation of:
  • Security findings
  • Risk assessments
  • Remediation actions and outcomes
• Communicate security risks, priorities, and remediation status clearly to technical teams and leadership
• Support internal security standards, compliance requirements, and best practices
• Continuously improve cloud security workflows, alerting, and operational processes

Required Skills & Experience (Must Have)

• 2–3 years of hands-on experience as an AWS Cloud Engineer or Cloud Operations Engineer
• Direct experience operating production AWS environments
• Strong hands-on knowledge of AWS services, including:
  • IAM, EC2, VPC, Security Groups, CloudTrail, CloudWatch
• Experience using cloud and endpoint security tools such as:
  • Upwind (or similar CSPM platform)
  • AWS Security Hub
  • AWS GuardDuty
  • AWS Inspector
  • SentinelOne
• Strong understanding of cloud security fundamentals, including:
  • CVEs
  • IAM misconfigurations
  • Secure cloud architecture principles
• Experience in a cloud security operations or SOC-style environment
• Ability to logically evaluate security alerts and determine next steps
• Strong written and verbal communication skills
• Proven ability to work cross-functionally and drive issues to closure
• Detail-oriented with strong documentation and organizational skills

Nice to Have

• Upwind or CSPM tool hands-on experience
• Experience supporting SaaS platforms or regulated environments (e.g., healthcare, financial services)
• Exposure to compliance frameworks and internal security standards
• Background in DevOps or SRE-style operational teams
• Experience working with globally distributed teams

What We’re Looking For

• Someone who has actually built and operated AWS environments, not just reviewed them
• A self-starter who takes ownership of security findings end-to-end
• A strong communicator who can bridge cloud engineering and security
• A practical, execution-focused security professional

What Success Looks Like in This Role

• Security alerts are triaged quickly and accurately
• Findings are driven to remediation, not just reported
• Engineering teams trust and act on security recommendations
• Cloud security posture measurably improves over time
• Repeated misconfigurations and vulnerabilities are reduced

We champion flexibility and hybrid work options to support varying lifestyles and personal needs. At the same time, we value the power of in-person collaboration to build community, spark innovation, and strengthen connections. Our approach ensures you can work in ways that suit you best while still engaging with colleagues to share ideas and grow together. #LI-Hybrid #LI-DNP