Sr. Cloud Security Analyst

 

BE PART OF SOMETHING REAL

 

POSITION TITLE:                  Sr. Cloud Security Analyst

REPORTS TO:                        Sr. Manager - IT Security

 

Job Description:

Our Senior Cloud Security Analyst, within the Security Operations group, ensures proper configuration standards are met and sustained in compliance with security policy, procedures, standards, and industry requirements/best practices.

You will have the opportunity to implement and maintain network security controls including CSPM, CWP, CASB, next generation firewalls, container security and automated compliance tools. Additionally, you will get to perform cybersecurity monitoring of American Eagle’s cloud environments ensuring proper monitoring coverage that correlates with internal security operations and processes. To be successful in this role, you should have a proven understanding of the CSA Cloud Controls Matrix as well as other security standards and regulations such as NIST, ISO, PCI. You will also want to have a deep understanding of cloud platforms such as Google Cloud Platform (GCP), Amazon Web Services (AWS), Microsoft Azure.

So, if you want to focus on building secure IaaS/PaaS/SaaS cloud environments in a dynamic retail environment and are passionate about using your analytical skills to solve meaningful problems, AEO has a phenomenal opportunity for you.

Responsibilities:

• Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environment
• Update security tools for logging /monitoring, and growing coverage of existing tools
• Make recommendations to management on enhancements to existing and new security software or related tools
• Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current toolsets
• Help implement and maintain next-generation enterprise protection tools malware detection technologies
• Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration, and implementations
• Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks
• Partner with various business units to enhance security policies/procedures
• Create and maintain data security documentation, policies, and procedures
• Responsible for providing support during off hours for security
• All other duties as assigned

Qualifications:

• Bachelor’s degree or equivalent work experience required
• Five years of enterprise cloud (IaaS, PaaS, SaaS) experience, IT cloud security experience preferred
• Cloud certifications, such as CCSP, AWS CSA, Google Cloud Professional, Microsoft’s Azure Solutions Architect is preferred
• IT Security certifications, such as CISSP, GIAC, etc. are preferred.  Direct hands-on experience designing and implementing security with Google Cloud Platform and/or Microsoft Azure and/or AWS for both IaaS and PaaS offerings
• Experience with cloud security posture management (CSPM) and cloud workload protection (CWP) tools, such as Microsoft Defender for Cloud, AWS Security Hub / Config, Google Cloud Security Command Center, Check Point Cloud Guard and/or Palo Alto Prisma Cloud
• Experience with Google Cloud Org Policies and/or Azure Policy and/or AWS Service Control Policies
• Deep knowledge regarding clouding networking, such as routing, traffic filtering (firewalls), load balancing, etc… for GCP VPCs and/or Azure VNETs and/or AWS VPCs
• Experience with container security including actual container workloads and Kubernetes engine
• Experience working IaC, such as Terraform and/or Azure Resource Manager templates and/or AWS CloudFormation Stacks
• Experience with DevOps and CI/CD tooling
• Experience in hardening Microsoft Office 365 tenants

• Experience in hardening Google Workspace tenants
• Experience with Microsoft Active Directory, Azure AD and other cloud identity technologies
• Strong ability to critical think and solve problems
• Develop cloud security strategy with a focus on threat detection and incident response
• Advise stakeholders and translate business requirements into secure, scalable, and reliable cloud solutions
• Complete security reviews and assessments with developers, operations, and infrastructure teams
• Partner with system engineering / DevOps to assess and reduce cloud security risks
• Assist with documentation of organizational cloud security standards, processes, and governance model
• Knowledgeable with CSA CCM security framework and CIS Benchmarks for Cloud
• Knowledge of host hardening, auditing, logging, monitoring, network security, and anomaly detections
• Understanding of industry trends for cybersecurity risk & threat intelligence, and governance
• Assist with implementation and improvements of Cloud Security Operations capabilities within existing organizational support structure
• Assist with configuration of sending cloud logs to SIEM tool and creating rules for alerting on suspicious events

 

AEO is an Equal Opportunity Employer and is committed to complying with all federal, state and local equal employment opportunity ("EEO") laws. AEO prohibits discrimination against associates and applicants for employment because of the individual's race or color, religion or creed, alienage or citizenship status, sex (including pregnancy), national origin, age, sexual orientation, disability, gender identity or expression, marital or partnership status, domestic violence or stalking victim status, genetic information or predisposing genetic characteristics, military or veteran status, or any other characteristic protected by law. This applies to all AEO activities, including, but not limited to, recruitment, hiring, compensation, assignment, training, promotion, performance evaluation, discipline and discharge. AEO also provides reasonable accommodation of religion and disability in accordance with applicable law.

 

#LI-CH1