What are the responsibilities and job description for the Cloud Security Analyst position at ASSYST, Inc.?
ASSYST is seeking a Cloud Security Analyst to support our government client based in Austin, TX. TIERS Operations, AWS Cloud Migration, and Authority to Connect projects by enhancing security operations and ensuring compliance with industry standards. This role involves analyzing on-prem and cloud security, collaborating with DevSecOps teams, and implementing security measures to protect IT infrastructure, networks, and data.
The position is hybrid. The program will only allow candidates who are within the City of Austin or the surrounding cities. 20% travel into the office is required.
Onsite: Wednesdays
Remote: Mondays, Tuesdays, Thursdays and Fridays.
Key Responsibilities:
The position is hybrid. The program will only allow candidates who are within the City of Austin or the surrounding cities. 20% travel into the office is required.
Onsite: Wednesdays
Remote: Mondays, Tuesdays, Thursdays and Fridays.
Key Responsibilities:
- Develop, implement, and assess security policies and controls to mitigate vulnerabilities.
- Analyze on-premises and cloud security operations, working closely with DevSecOps teams on security audits, documentation, and compliance reporting.
- Ensure alignment with NIST 800-37, NIST 800-53, MARS-E controls, and manage POA&Ms and Corrective Action Plans.
- Conduct security risk assessments, investigate security violations, and provide remediation recommendations.
- Collaborate with IT teams to coordinate audit responses, evidence gathering, and compliance efforts.
- Implement security measures for web application firewalls, network security, and cloud security governance.
- Manage security-related projects, ensuring alignment with regulatory requirements and best practices.
- Experience with data security, network security, and cybersecurity threat intelligence.
- Strong knowledge of AWS Cloud Security, DevSecOps, and regulatory frameworks.
- Hands-on experience with security tools such as Splunk, Archer GRC, Qualys, and Imperva Web Application Firewall.
- Familiarity with ITIL processes and ticketing systems like Remedy and ServiceNow.
- Ability to manage conflicts, resolve security issues, and provide security training.
- Experience in Windows & Linux system administration and cloud-based technology training.
- Knowledge of security governance, risk assessments, and documentation.
- Hands-on expertise in AWS Cloud Security or other cloud platforms.
