Cloud Security Architecture Analyst OIT

Emory University is a leading research university that fosters excellence and attracts world-class talent to innovate today and prepare leaders for the future. We welcome candidates who can contribute to the diversity and excellence of our academic community.

KEY RESPONSIBILITIES:

• The Cloud Security Architecture Analyst within Emorys Enterprise Information Security team will be primarily responsible for working with the Enterprise Security and other Emory IT teams to identify evaluate and implement security controls for cloud services.
• This will mainly include Amazon Web Services but will also encompass additional cloud provider related activities as Emorys cloud base grows.
• This position will support the migration and support of on-premise solutions to the cloud and continual adoption of secure cloud services for Emory University and Emory Healthcare.
• Responsible for performing security risk assessments for cloud computing solutions including risk identification analysis and evaluation identifying remediation and/or mitigation requirements and recommendations and handing off the associated risks to the enterprise risk register management process.
• Seeks and applies guidance and direction for internal and external customers based on policies published guidelines best practices and industry recommendations.
• Supports team by performing research and analysis of vulnerabilities and related consultation to internal and external customers about those vulnerabilities.
• Helps to ensure that information security safeguards and controls are properly communicated and adhered to.
• Assessments include various cloud platform providers and the applications processes vendors and technologies used by departments divisions or the enterprise in one or more of those cloud platform providers.
• In addition to conducting risk assessments this position contributes to the identification of improvements for multiple areas to include the risk management process and tool improvements.
• Works closely with teams across cloud engineering enterprise information security IT privacy compliance legal procurement research and numerous business units to help protect assets for the institution.
• Applies background knowledge in IT cloud architecture and security and/or security vendor risk assessments and continually conducts research into new technologies and vulnerabilities across the industry.
• Contributes to development of risk analysis tools and provides functional guidance and direction to internal and external customer teams in overall security risk assessments of projects.
• Assists with the interpretation of information security policies and requirements or their applicability.
• Performs risk assessments of client vendors through risk assessment toolkit against various frameworks (HIPAA HITRUST SOC NIST etc.) collecting data and identifying areas of compliance/non-compliance through written assessment reports.
• Assesses risk for various components of a particular solutions architecture such as: cloud services cloud controls network operating system database storage application vulnerability assessments cloud security configuration settings virus prevention and remediation encryption network segmentation remote access and authentication.
• As a member of the Enterprise Security team the position will also be tasked with other information security related tasks and projects as necessary.
• This position may be called upon to assist with information security activities with university or healthcare units across the enterprise.
• Performs other related duties as required.
• Level: An experienced cybersecurity professional applies practical knowledge of job area typically obtained through advanced education and work experience.
• Works semi-independently with periodic management check-ins in close collaboration with analysts own team.
• Requires communication with IT leadership.
• Career progression to this point includes experience with cloud platform solutions.

MINIMUM QUALIFICATIONS:

• A bachelors degree and three years of related IT experience including demonstrated experience in relevant information security domains project management skills OR an equivalent combination of education training and experience.
• Excellent project management and team participation skills.
• Good written and verbal communication skills.
• A solid background in cloud computing platforms and cloud security concepts development deployment and administration.
• Strongly preferred qualifications include knowledge of information security technologies methodologies and best practices in the domains of cloud security architecture vulnerability identification and safeguards data protection cloud business continuity and other relevant cloud security concepts practices and experiences.
• Security certifications are a plus (e.g. AWS GCP Azure CISSP GIAC Cloud etc.).

NOTE: Tasks related to this position can be performed remotely with only occasional visits to an Emory University location. Eastern (EST) time zone business hours may apply. Emory reserves the right to change this status with notice to employee. Emory does not approve as a primary work location in the following states; NJ AK and HI any U.S. Territories or outside of the United States.

Emory is an equal opportunity employer and qualified applicants will receive consideration for employment without regard to race color religion sex national origin disability protected veteran status or other characteristics protected by state or federal law. Emory University does not discriminate in admissions educational programs or employment including recruitment hiring promotions transfers discipline terminations wage and salary administration benefits and training. Students faculty and staff are assured of participation in university programs and in the use of facilities without such discrimination. Emory University complies with Section 503 of the Rehabilitation Act of 1973 the Vietnam Era Veterans Readjustment Assistance Act and applicable executive orders federal and state regulations regarding nondiscrimination equal opportunity and affirmative action (for protected veterans and individuals with disabilities). Inquiries regarding this policy should be directed to the Emory University Department of Equity and Civil Rights Compliance 201 Dowman Drive Administration Building Atlanta GA 30322. Telephone: (V) (TDD).

Emory University is committed to ensuring equal access and providing reasonable accommodations to qualified individuals with disabilities upon request. To request this document in an alternate format or to seek a reasonable accommodation please contact the Department of Accessibility Services ator call (Voice) (TDD). We kindly ask that requests be made at least seven business days in advance to allow adequate time for coordination.