IS Cloud Operations Specialist
|Position:||IS Cloud Operations Specialist|
|Reports To:||Director, Information Security|
|Location:||New York, NY, Winston-Salem, NC, or Dallas TX|
The Clearing House’s Information Security (IS) group is looking for a Cloud Operations Specialist that would be responsible for the continuous monitoring of cloud environments to detect and mitigate threats and risks. The position involves managing security requirements through native Cloud Service Provider services, triaging, confirming potential vulnerabilities and monitoring systems for potential incidents.
- Possess a strong understanding of cloud computing technology, security, and infrastructure
- Ability to provide direction and guidance on monitoring use cases and requirements
- Adhere to established internal procedures and guidelines.
- Articulate security issues to customers, both verbally and written.
- Continue self-development of knowledge, skills, and abilities to better support execution of the Information
Security (IS) function.
- Previous experience building relationships with key stakeholders in/out of the organization.
- Excellent command of Information Security organizational practices, operations risk management processes,
principles, architectural requirements, engineering threats and vulnerabilities including incident response
- Bachelor's degree in engineering, computer science, or a related field with minimum of 5 years of experience.
- Strong analytical and problem-solving skills.
- Relevant industry certification (e.g. CISSP, CISM) and/or Cloud Security related certifications (e.g. AWS, Google,
Azure, etc.) is desired.
- Knowledge of NIST 800-61, MITRE ATT&CK Framework, NIST Cybersecurity Framework and similar standards is
Essential Functions and Responsibilities:
- Configure and administer cloud computing technologies, infrastructure, and applications to meet the
organizations security requirements, including, but not limited to, Cloud Access Security Broker (CASB), Azure
ATP, Cloud Native Security Platform (CNSP) services and other tools.
- Experience developing and implementing threat detection rules.
- Monitor and maintain security posture in public / private clouds such as Amazon Web Services (AWS) and
- Create and develop use cases for security operations for cloud-based services - use cases employing
correlation and analytics leveraging SIEM platforms, native CSP services, and 3rd party Cloud-based services.
- Implement operational procedures around these use case, focused on security monitoring, incident response,
forensics, vulnerability management, and ongoing risk mitigation. With operational use and through the use of
metrics, iteratively enhance and tune these procedures and use cases.
- Monitor the external cyber threat landscape, assess new threat actor tactics and techniques, and apply these
lessons to the cyber operations.
- Contribute to security incident response and forensics for both on-premises and cloud events.
- Promote security orchestration and automation frameworks for the Cloud with focus on security monitoring,
incident response, and vulnerability management.
Physical Demands and Work Environment:
Work is generally sedentary in nature, but may require standing and walking. The working environment is
generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant
conditions caused by noise, dust, etc. Work is generally performed within an office environment, with
standard office equipment available. Travel may be required.
TCH places paramount importance on the health and safety of its employees, and, as such, we are taking all necessary
steps to protect our workforce. Because this position may require business travel and/or working in close contact with
colleagues and other third parties, TCH is requiring that the employee hired into this role present proof that they are
fully vaccinated against COVID-19 during their first week of employment.
- A letter of interest describing your experience and interest in the position
- Your resume
- Names and contact information of three references, or three letters of reference
* Please submit a single application per position.