We are seeking a data-driven Security Analyst to join our Cybersecurity team. The analyst will be
responsible for monitoring our security posture across cloud environments, endpoints, and internal
applications. The ideal candidate doesn't just "find" vulnerabilities—they analyze the risk, prioritize
remediation, and communicate health metrics to leadership to drive security improvements.
Role and Responsibilities:
● Cloud Security Governance: Monitor and remediate issues within Cloud Security Posture
Management (CSPM) tools, specifically managing high-volume vulnerability backlogs.
● Threat Intelligence & Monitoring: Analyze telemetry from SIEM and EDR platforms to
identify, triage, and respond to potential security incidents.
● Vulnerability Management: Lead the "Security Gap" analysis for internal applications and
endpoints, ensuring patches and configuration fixes are applied.
● Reporting & Metrics: Translate complex technical data into "Security Health Scores" and
executive summaries for management review.
● Automation: Develop automated workflows to handle repetitive "Medium" severity alerts
to reduce manual overhead and technical debt.
Education and Experience:
● Cloud Expertise: Experience with AWS security frameworks and CSPM tools.
● Monitoring Tools: Proficiency with EDR (CrowdStrike, SentinelOne) and SIEM (Splunk,
Microsoft Sentinel) platforms.
● Analytical Mindset: Ability to calculate risk percentages and prioritize 50,000+ alerts
based on business impact.
● Communication: Strong ability to draft formal reports and emails for non-technical
stakeholders.
● Education/Certifications: CISSP, CCSP, or CompTIA Security+ are highly preferred.
“Nice-to-Have” Specialized Skills:
● Infrastructure as Code (IaC): Experience securing Terraform, CloudFormation, or Ansible
scripts to prevent "Medium" issues before they reach production.
● Scripting: Proficiency in Python or PowerShell to automate the remediation of the
50,000+ cloud alerts mentioned in our audit.
● Framework Knowledge: Familiarity with NIST CSF, ISO 27001, or SOC2 compliance
standards.
Performance Indicators (KPIs):
● Mean Time to Remediate (MTTR): Reducing the turnaround time for "High" severity cloud
issues.
● Posture Improvement: Increasing the overall Cloud Security Rating.
● False Positive Reduction: Improving the efficiency of Threat Monitoring alerts.



