Cloud Security Operations Analyst (REMOTE)

The Senior Cloud Security Specialist will serve as a technical leader in cloud security operations responsible for designing and implementing advanced threat detection and mitigation strategies across multi-cloud environments. This role demands deep expertise in cloud-native and CNAPP technologies incident response and forensic investigation. The SME will collaborate with Security Engineering & Architecture CSOC and governance teams to ensure a resilient and compliant cloud security posture.

Key Responsibilities:

• Threat Detection & Investigation
  • Deploy and optimize cloud-native and third-party threat detection platforms (e.g. AWS GuardDuty Azure Defender GCP SCC).
  • Investigate alerts using telemetry behavioral analytics and AI/ML-based anomaly detection.
  • Align detection logic with MITRE ATT&CK and CSA CCM frameworks
• Rule Creation & CNAPP Integration
  • Author and tune detection rules leveraging CNAPP platforms (e.g. Wiz Prisma Cloud Orca).
  • Integrate CNAPP telemetry into SIEM/SOAR workflows for automated response
  • Monitoring and manage security configurations for cloud services in a multi-cloud environment.
• Mitigation Strategy Development
  • Design and implement dynamic playbooks for threat containment and remediation.
  • Collaborate with DevOps and product teams to embed security controls into CI/CD pipelines.
  • Exposure to cloud security guardrail automation such as AWS SCP and Azure Policies.
• Incident Response & Forensics
  • Lead incident triage and root cause analysis across cloud environments.
  • Conduct forensic investigations using cloud-native tools and third-party platforms.
  • Document findings and contribute to post-incident reviews and continuous improvement
• Security Architecture & Governance
  • Provide guidance on secure cloud architecture access controls and data protection.
  • Firm understanding of cloud security best practices and cloud well architected frameworks.
  • Ensure compliance with SOX GDPR and internal governance policies

Required Skills & Abilities:

• Deep expertise in AWS Azure GCP and OCI cloud security services.
• Hands-on experience with CNAPP platforms (e.g. Wiz Prisma Cloud Orca).
• Proficiency in threat detection rule creation tuning and alert response leveraging tools such as CrowdStrike Wiz Defend AWS GuardDuty etc.
• Respond to Kubernetes and Cloud Container threat alerts (e.g. unusual API invocations) and tune detection rules accordingly
• Strong knowledge of SIEM/SOAR platforms (e.g. Splunk Sentinel Elastic Tines).
• Experience in cloud forensics and incident response workflows.
• Familiarity with infrastructure-as-code (IaC) tools (Terraform CloudFormation).
• Strong analytical investigative and documentation skills.
• Excellent communication and leadership abilities.

Qualifications:

7 years experience in a cyber security cyber investigations cyber threat intelligence or combination of these three roles.

Undergraduate degree in technical discipline Computer Science or related field required. Graduate degree preferred.

CISSP AWS Cloud Practitioner AWS Certified Security - Specialty or other cloud specific certifications preferred.

Automation and scripting for WAF operations.

Machine Learning and behavioral analytics for traffic anomalies.

Special Factors

Sponsorship

About Vanguard

At Vanguard we dont just have a missionwere on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members designed to capture the benefits of enhanced flexibility while enabling in-person learning collaboration and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.