Key Responsibilities:
- Support design efforts to build new processes, controls, and governance related to implementing human and non-human account monitoring to protect the organization.
- Utilize your in-depth technical knowledge and understanding of business requirements to help implement scalable solutions, including monitoring, alerting, and escalation frameworks focused on core account protections.
- Leverage your knowledge of common and emerging threats related to account take-over to proactively develop, implement, and influence controls and policies within the digital identity domain.
- Partner with leaders from various business organizations to triage security events and report on impactful security incidents.
- Regularly collaborate with experts both within and outside of your team, across different regions, to provide effective communication and support.
- Hold discussions with employees as part of alert analysis and disposition.
- Identify areas for further process automation, simplification, and improvement.
- Provide status updates for executives and stakeholders in non-technical terms encompassing risk, impact, containment, remediation, etc.
- Manage risk and comprehensively document analysis, investigative activities, and actions.
Key Requirements:
- 3+ years of experience with cloud information security-related activities
- 3+ years of experience in an operations-focused cloud information security role
- Experience conducting analysis/investigation and containment of potential data breaches or cybersecurity incidents
- Ability to analyze data, evaluate relevance to specific incidents, and exercise independent judgment when responding to alerts
- Excellent communication skills to effectively collaborate across all levels of the organization, with both technical and non-technical audiences
- Familiarity with security vulnerabilities, exploits, hacker techniques, identity management standards, social engineering TTPs, and the incident response lifecycle
- Proficiency in using Splunk to build queries, alerts, and dashboards
- Knowledge of current authentication-based exploits
- Proven experience presenting findings via written reports and oral presentations to key stakeholders
- Ability to work well as part of a team as well as independently, remain calm under pressure, and demonstrate critical thinking skills
- Desired: Cloud+; AZ-900, AZ-500, SC-900; AWS Certified Security Specialty 2024