This Cloud Security Operations position will be primarily focused on ensuring processes and tools are implemented to respond to security alerts generated from cloud hosted systems and applications to protect the company’s assets from unauthorized use, modification, or destruction. In addition, this person will seek out events of interest, investigate, and coordinate updates to processes and tools to ensure security controls are functioning efficiently and effectively.
This role will be responsible for interfacing with the cloud development, security engineering, DevOps, and infrastructure teams to provide technical and operational input to management for applicable security policies, standards, risk/threat models, procedures, and guidelines that will assist the teams in integrating security requirements within their networks, systems, applications and databases.
This position is expected to be fully aware of the enterprise’s security goals as established by its stated policies and to actively work toward upholding those goals. Management of projects and leading less senior personnel within the Security Operations Center is expected.
- In conjunction with security architecture and engineering, builds the infrastructure and tools needed for managing the day-to-day security operations for our cloud data services. This will include, but is not limited to, automating security monitoring tools, log analytics, and enhancing security’s visibility in the cloud.
- Leads the monitoring of the security health of the company’s cloud-hosted information assets through regular logging, monitoring, scanning, response, investigation, and post-mortem.
- Assist in managing the relationship with the SOC and other business units to analyze all security-related events and activities to provide reporting of statistics and metrics.
- Recognize and identify potential areas where existing policies and procedures require change, or where new ones need to be developed.
- Participates in documenting security procedures.
- Research current solutions and technologies that provide analysis of networks and systems to ensure they meet new and existing information security standards.
- Review information security trends and news sources for emerging threats and vulnerabilities.
- Monitors applications and systems for the occurrence of security incidents and responds using incident response best practices.
- Manages the work of junior team members and provides leadership and training on new tools or projects.
- Solid understanding of cloud technologies and deployments, specifically using Microsoft Azure PaaS, IaaS, and SaaS offerings.
- Experience in healthcare or another regulated environment such as SOX, PCI, or HIPAA.
- Strong Microsoft technology stack knowledge: Windows; IIS; SQL Server in a multi-tier application model.
- Experience working with DevOps personnel, software and quality assurance engineering.
- Ability to assess risk factors and advise on vulnerability to attack from a variety of sources.
- Familiar with incident response techniques and processes.
- Undergraduate degree in a technical field or comparable work experience.
- 5+ years relevant experience with security platforms and tools such as firewalls, SIEM, intrusion detection and prevention, and penetration testing.
- Experience in a virtual or cloud operations role and building virtual infrastructure systems.
- OSCP, CISSP, GIAC, or other security-related certifications.
- Knowledge of ITIL and/or ISO/IEC 27001 standards.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Strong written, oral, and interpersonal communication skills.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Team-oriented and skilled in working within a collaborative environment.