Job Description:
• Act as primary responder and technical specialist within a staff augmentation model
• Focus on day-to-day monitoring, investigation, and refinement of a security stack centered on AWS/Azure, Rapid7, and Proofpoint
• Provide deep-dive forensic analysis and proactive threat hunting
• Ensure cloud infrastructure remains resilient against emerging threats
• Mentor junior analysts in improving incident response workflows
Requirements:
• 5+ years of experience in Security Operations or Analysis
• 3+ years focused on investigating Cloud Security alerts (AWS or Azure)
• Proficiency in auditing cloud environments (VPC/VNet, S3/Blob access logs) and reviewing Identity & Access Management (IAM) permissions for anomalies
• 2+ years of hands-on experience utilizing a SIEM or XDR platform (e.g., Rapid7, Splunk, or Sentinel)
• Experience interpreting vulnerability scan results, assessing their real-world exploitability, and tracking remediation progress with technical teams
• Proven experience leading the 'detect and analyze' phases of the IR lifecycle
• Experience performing internal audits or control testing related to frameworks such as SOX or PCI-DSS
• Ability to distill complex forensic findings into clear, concise reports for stakeholders
Benefits:
• Medical insurance plans
• Dental insurance
• Vision insurance
• Health savings accounts (HSA)
• Flexible spending accounts (FSA)
• Life insurance
• Short- and long-term disability insurance
• Paid time off and holidays
• 401(k) with employer match