IT Cloud Security Analyst

Bethesda, MD - USA

Monthly Salary: Not Disclosed

Posted on: 23 hours ago

Vacancies: 1 Vacancy

Job Summary

Futrend Technology Inc. is seeking an IT Cloud Security Analyst to join our security compliance this role you will work closely with the customersInformation Systems Security Officer (ISSO) and play a critical part in safeguarding NLMs IT infrastructure. The role focuses on implementing security controls ensuring compliance with federal cybersecurity framework and support secure cloud adoption across multiple platforms. The analyst works closely with end point owners infrastructure and network security teams and with enterprise security teams to meet NIH mandates.

You will be part of a broader IT program that provides end-to-end supportincluding help desk systems network incident response and security servicesensuring the availability integrity and confidentiality of mission-critical systems.

This position is based in Bethesda MD and requires onsite presence 3 to 5 days/week.

Responsibilities

Implement security controls and ensure compliant cloud environments on AWS GCP or Azure adhering to FISMA NIH policy and federal security requirements
Recommend design and support Cloud security services and control implementation including Identity Access Privileged access Vulnerability management Configuration compliance encryption and centralized security log management
Monitor cloud environments for security events anomalies and configuration drift using SIEM (e.g. Splunk) conduct vulnerabilities assessments track remediation and maintain dashboards with measurable metrics to report overall security posture
Integrate and optimize enterprise security solutions such as Splunk Tenable and other data sources to enhance continuous monitoring event correlation and compliance visibility across NLMs hybrid environment
Investigate and respond to security incidents and alerts perform root-cause analysis and proper remediation actions and reporting per NIHs established incident response plan
Conduct threat modeling and security assessments of cloud deployments to identify and mitigate vulnerabilities develop security requirements and provide guidance for applications migrating from on-prem implementations to the cloud environment
Enhance and automate security and compliance checks using a combination of available tools and scripting; evaluate emerging platforms (like AI-based capabilities) to improve coverage visibility and operational efficiency
Provide security guidance best practices and compliance support to developers operations teams system owners and other stakeholders promoting security awareness

Required Qualifications

Proven experience securing cloud environments (AWS GCP or AZURE) preferably within FISMA compliance frameworks
Strong working knowledge of AWS GCP or Azure cloud security including logging tagging strategies ephemeral resource tracking and cross-platform operations
In-depth knowledge and demonstrated experience of applying federal compliance frameworks including FISMA NIST 800-53 FedRAMP RMF NIH policy and supporting system authorization processes (ATO POA&M) and policies to information systems
Hands-on work experience with automation security event correlation asset inventory tracking and SEIM management (preferably in SPLUNK) utilizing scripting or programming such as PowerShell Bash Python or equivalent and use of APIs
Bachelors degree in computer science Cybersecurity Information Technology or a related field (or equivalent practical experience in Cloud security)
5 years of experience in information security with at least 3 years focused on cloud security administration of Linux and Windows endpoints strong understanding of network and firewall operations
Strong written and verbal communication skills with the ability to produce clear security documentation and effectively communicate technical concepts to technical and non-technical stakeholders
Experience working in regulated federal environments with complex governance and compliance requirements; collaborating and guiding multi-disciplinary teams managing servers workstations network appliances security appliances
Certifications: CISSP (or ability to obtain within 6 months)

Desired Qualifications

AWS/GCP/Azure Certified - Specialty certifications
Advanced Linux and Windows administration experience
Experience with container security (like Docker & Kubernetes)

Required Experience:

Futrend Technology Inc. is seeking an IT Cloud Security Analyst to join our security compliance this role you will work closely with the customersInformation Systems Security Officer (ISSO) and play a critical part in safeguarding NLMs IT infrastructure. The role focuses on implementing security co...

This position is based in Bethesda MD and requires onsite presence 3 to 5 days/week.

Responsibilities

Implement security controls and ensure compliant cloud environments on AWS GCP or Azure adhering to FISMA NIH policy and federal security requirements
Recommend design and support Cloud security services and control implementation including Identity Access Privileged access Vulnerability management Configuration compliance encryption and centralized security log management
Monitor cloud environments for security events anomalies and configuration drift using SIEM (e.g. Splunk) conduct vulnerabilities assessments track remediation and maintain dashboards with measurable metrics to report overall security posture
Integrate and optimize enterprise security solutions such as Splunk Tenable and other data sources to enhance continuous monitoring event correlation and compliance visibility across NLMs hybrid environment
Investigate and respond to security incidents and alerts perform root-cause analysis and proper remediation actions and reporting per NIHs established incident response plan
Conduct threat modeling and security assessments of cloud deployments to identify and mitigate vulnerabilities develop security requirements and provide guidance for applications migrating from on-prem implementations to the cloud environment
Enhance and automate security and compliance checks using a combination of available tools and scripting; evaluate emerging platforms (like AI-based capabilities) to improve coverage visibility and operational efficiency
Provide security guidance best practices and compliance support to developers operations teams system owners and other stakeholders promoting security awareness

Required Qualifications

Proven experience securing cloud environments (AWS GCP or AZURE) preferably within FISMA compliance frameworks
Strong working knowledge of AWS GCP or Azure cloud security including logging tagging strategies ephemeral resource tracking and cross-platform operations
In-depth knowledge and demonstrated experience of applying federal compliance frameworks including FISMA NIST 800-53 FedRAMP RMF NIH policy and supporting system authorization processes (ATO POA&M) and policies to information systems
Hands-on work experience with automation security event correlation asset inventory tracking and SEIM management (preferably in SPLUNK) utilizing scripting or programming such as PowerShell Bash Python or equivalent and use of APIs
Bachelors degree in computer science Cybersecurity Information Technology or a related field (or equivalent practical experience in Cloud security)
5 years of experience in information security with at least 3 years focused on cloud security administration of Linux and Windows endpoints strong understanding of network and firewall operations
Strong written and verbal communication skills with the ability to produce clear security documentation and effectively communicate technical concepts to technical and non-technical stakeholders
Experience working in regulated federal environments with complex governance and compliance requirements; collaborating and guiding multi-disciplinary teams managing servers workstations network appliances security appliances
Certifications: CISSP (or ability to obtain within 6 months)

Desired Qualifications