Cloud ASM Analyst

Are you passionate about cloud security and eager to play a key role in protecting a global organization from cyber threats? Join the Allianz Cyber Defense Center as a Cloud Attack Surface Management Analyst and help secure our AWS and Azure environments.

In this role, you will work on identifying, assessing, and remediating security findings, collaborating with cross-functional teams to strengthen our cloud security posture. If you have hands-on experience in cloud technologies, security operations, and are eager to make an impact in a dynamic and innovative environment, we’d love to hear from you!

What you do

As a Cloud Attack Surface Management Analyst you will predominantly work with generated security findings . Your task will be to understand, assess, prioritize, address, and remediate findings as part of the security operations team. You will support the cloud attack surface management engineer, the cloud platform team, and application teams in improving the generation and remediation of findings. Your responsibilities include :

• Monitor and assess the security posture of AWS and Azure environments, identifying potential attack paths, vulnerabilities, misconfigurations, and compliance issues.
• Collaborate with cross-functional teams to remediate identified findings and suggest guard rails and security best practices to secure cloud setups.
• Analyze security alerts and findings from posture management tools, prioritizing and addressing findings for timely resolution.
• Document and track remediation efforts to improve overall security posture.
• Assist in developing and maintaining cloud security guard rails, policies, and procedures, ensuring adherence to industry standards and regulatory compliance.
• Stay updated on the latest cloud security threats, trends, and technologies, proactively suggesting enhancements to existing security measures.
• Support the cloud attack surface management engineer, cloud platform team, and application teams in improving the generation and remediation of security findings

What you bring

• Strong knowledge of AWS, Azure, and multi-cloud environments (GCP), ideally from an engineering or administration background.
• Understanding of cloud security principles and best practices, with familiarity in tools like Prisma, Wiz, CrowdStrike CSPM, or similar.
• Basic understanding of network security, Identity and Access Management (IAM), and encryption technologies.
• Experience in security operations environments (CSIRT, CERT) and familiarity with SOAR technologies and automation processes.
• Experience integrating security practices into the DevOps process and managing security in CI / CD pipelines.
• Experience in responding to and managing cloud-related security incidents.
• Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field, with relevant certifications (e.g., AWS Certified Solutions Architect, Azure Administrator Associate, CISSP, CCSP)

What we offer

• We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad.
• We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location).
• From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered.
• Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach.

About Allianz Technology

With its headquarters in Munich, Germany, Allianz Technology is Allianz's global IT service provider and delivers IT solutions that drive the group's digitalization. With more than 11,000 employees in over 20 countries around the world, Allianz Technology is tasked to run, optimize, transform, and innovate the infrastructure, applications, and services together with Allianz companies to co-create the best customer experience.

We service the entire spectrum of digitalization – from one of the industry's largest IT infrastructure projects that spans data centres, networks, and security, to application platforms ranging from workplace services to digital interaction.

In short : We deliver comprehensive end-to-end IT solutions for Allianz in the digital age. We are the backbone of Allianz.

Find us at : www.linkedin.com / company / allianz-technology .

D&I statement

Allianz Technology is proud to be an equal opportunity employer that embraces diversity and commits itself to creating an inclusive work environment for all.

We therefore welcome applications regardless of race, ethnicity or cultural background, age, gender, nationality, religion, social class, disability or sexual orientation, or any other characteristics protected under applicable local laws and regulations.

Join us. Let´s care for tomorrow.

You. IT.

To Recruitment Agencies :

Allianz Technology has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Technology does not accept unsolicited resumes from agencies or search firm recruiters.

When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz.