Cyber Security Analyst

The Cyber Security Analyst (CSA) is responsible for securing the organization’s on-premises, cloud, and hybrid environments. Reporting to the Information Security Manager, the CSA provides technical expertise in network, system, application, and cloud security. The CSA collaborates cross‑functionally to ensure systems are designed, deployed, and managed with robust security controls. This role leads vulnerability management, conducts cloud security assessments, manages penetration tests, researches emerging threats (including cloud‑specific risks), and analyses security events to proactively mitigate attacks.

• Proactively monitor cloud (IaaS/PaaS/SaaS), on‑premises, and hybrid environments to detect and mitigate cyber‑attacks.
• Provide technical expertise on security concepts, including cloud‑native security tools (e.g., CSPM, CWPP, CASB).
• Investigate and respond to alerts from cloud security platforms (e.g., AWS GuardDuty, Azure Sentinel, GCP Security Command Center).
• Conduct vulnerability assessments across cloud workloads (AWS/Azure/GCP), containers, serverless architectures, and traditional infrastructure.
• Assess cloud security technologies (e.g., SASE, Zero Trust) for enterprise value.
• Implement and enforce security policies in cloud environments (e.g., identity/IAM, data encryption, network security groups).
• Monitor threat intelligence for emerging cloud‑specific vulnerabilities (e.g., misconfigurations, exposed storage buckets).
• Support DevSecOps practices by integrating security into CI/CD pipelines and infrastructure‑as‑code (IaC).

• Bachelor’s degree in IT/Cybersecurity or equivalent certifications/experience.
• 3–5 years in security analysis, including 2+ years securing cloud environments (AWS, Azure, or GCP).
• Technical proficiency in:
• Cloud platforms: AWS/Azure/GCP security services (e.g., IAM, KMS, CloudTrail, Security Hub).
• Cloud‑native tools: CSPM (Wiz, Lacework), SIEM (Azure Sentinel, Splunk), container security (Prisma Cloud, Aqua).
• Hybrid/multi‑cloud network security: Firewalls, VPNs, SD‑WAN, Zero Trust Architecture.
• Server/endpoint security: Windows/Linux, Active Directory, cloud workload protection (CrowdStrike, Trend Micro).
• Experience with:
• Cloud vulnerability management (Tenable.io, Qualys, Orca).
• Securing IaC (Terraform, CloudFormation) and CI/CD pipelines (Azure DevOps, GitHub Actions).
• Cloud compliance frameworks (ISO 27017, NIST CSF, CIS Benchmarks).
• Strong threat hunting skills in cloud and hybrid environments.
• Ability to articulate cloud security risks to technical/non‑technical stakeholders.

• Certifications: CCSP, AWS/Azure/GCP Security Specialty, CISSP, CISM, CEH.
• Experience with container security (Kubernetes, Docker) and serverless architectures.
• Proficiency in automation/scripting (Python, PowerShell, CLI) for cloud security tasks.
• Knowledge of cloud data protection (DLP, encryption) and SaaS security (e.g., O365, Salesforce).
• Familiarity with DevSecOps toolchains (e.g., GitLab, Jenkins) and infrastructure‑as‑code scanning.