Cloud Security Operations Analyst (REMOTE)

About the position The Senior Cloud Security Specialist will serve as a technical leader in cloud security operations, responsible for designing and implementing advanced threat detection and mitigation strategies across multi-cloud environments. This role demands deep expertise in cloud-native and CNAPP technologies, incident response, and forensic investigation. The SME will collaborate with Security Engineering & Architecture, CSOC, and governance teams to ensure a resilient and compliant cloud security posture. Responsibilities • Threat Detection & Investigation Deploy and optimize cloud-native and third-party threat detection platforms (e.g., AWS GuardDuty, Azure Defender, GCP SCC). Investigate alerts using telemetry, behavioral analytics, and AI/ML-based anomaly detection. Align detection logic with MITRE ATT&CK and CSA CCM frameworks • Rule Creation & CNAPP Integration Author and tune detection rules leveraging CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca). Integrate CNAPP telemetry into SIEM/SOAR workflows for automated response Monitoring and manage security configurations for cloud services in a multi-cloud environment. • Mitigation Strategy Development Design and implement dynamic playbooks for threat containment and remediation. Collaborate with DevOps and product teams to embed security controls into arenaflex/CD pipelines. Exposure to cloud security guardrail automation, such as AWS SCP and Azure Policies. • Incident Response & Forensics Lead incident triage and root cause analysis across cloud environments. Conduct forensic investigations using cloud-native tools and third-party platforms. Document findings and contribute to post-incident reviews and continuous improvement • Security Architecture & Governance Provide guidance on secure cloud architecture, access controls, and data protection. Firm understanding of cloud security best practices and cloud well architected frameworks. Ensure compliance with SOX, GDPR, and internal governance policies Requirements • Deep expertise in AWS, Azure, GCP, and OCI cloud security services. • Hands-on experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca). • Proficiency in threat detection rule creation, tuning and alert response leveraging tools such as CrowdStrike, Wiz Defend, AWS GuardDuty, etc. Respond to Kubernetes and Cloud Container threat alerts (e.g., unusual API invocations) and tune detection rules accordingly • Strong knowledge of SIEM/SOAR platforms (e.g., Splunk, Sentinel, Elastic, Tines). • Experience in cloud forensics and incident response workflows. • Familiarity with infrastructure-as-code (IaC) tools (Terraform, CloudFormation). • Strong analytical, investigative, and documentation skills. • Excellent communication and leadership abilities. • 7+ years' experience in a cyber security, cyber investigations, cyber threat intelligence, or combination of these three roles. • Undergraduate degree in technical discipline, Computer Science or related field required. Nice-to-haves • Graduate degree preferred. • CISSP, AWS Cloud Practitioner, AWS Certified Security - Specialty, or other cloud specific certifications preferred. • Automation and scripting for WAF operations. • Machine Learning and behavioral analytics for traffic anomalies. Apply tot his job Apply tot his job