Role : Lead Cloud Infrastructure Vulnerability Analyst Synonymous Business Title : Sr Security and Compliance Program Manager Location : Dallas, TX or Scottsdale, AZ (will work remotely)Overview :
Blue Yonder is a Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work”. We are seeking a Lead Cloud Infrastructure Vulnerability Analyst who will be responsible for leading Cloud Security Posture Management (CSPM), identifying security vulnerabilities including misconfigurations across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). This candidate will also be responsible for Cloud Workload Protection (CWP), providing continuous discovery and monitoring of vulnerabilities in the workloads deployed in the cloud infrastructure.
Have you got what it takes to succeed The following information should be read carefully by all candidates.
Scope :
- Core responsibilities include assessing and promoting remediation for all the assets in the Infrastructure as a Service (IaaS) and Software as a Service (SaaS).
- The candidate will be a key member of the centralized information security team.
What you’ll do :
Discover and continuously monitor for vulnerabilities in the public cloud infrastructure, cloud workloads including dockers, Kubernetes, and containers.Create golden images for virtual machines, dockers, and containers to be spun up for the business.Identify gaps in Identity and Access Management (IAM) in Public Cloud.Perform vulnerability scans and report findings for On-prem and Cloud networks.Publish the vulnerability status reports to senior management and track remediation.Define and participate in the implementation of On-prem and Cloud architecture and security controls.Proactively identify threats and risk remediation.Discover assets in the cloud infrastructure to identify and continuously monitor for security vulnerabilities and misconfigurations.Maintain security by monitoring and ensuring compliance with standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.Upgrade security systems by monitoring the security environment; identifying security gaps; evaluating and implementing enhancements.Participate in and assist with the incident response team, as appropriate.Generate metrics for management as needed.Prepare system security reports by collecting, analyzing, and summarizing data and trends.What we are looking for : Required Qualifications
8 to 12 years of proven experience in Information Security and / or Vulnerability Management.5 years of public cloud security infrastructure experience within Azure, AWS, or GCP.Must have experience with at least one of the following CSPM (Cloud Security Management) tools; Prisma Cloud (Palo Alto Networks), Wiz, AWS Security Hub, Microsoft Defender for Cloud (formerly Azure Security Center), Check Point Cloud Guard, Lacework, or Orca Security.Strong understanding of Threat Sources / Feeds like CISA, Threat Intelligence, and the latest Vulnerabilities like Log4J, Spring4shell, etc.Bachelor’s degree in Information Security, MIS, or Computer Science.Preferred Qualifications
Certifications such as CCSK, CCSP, GCSA, Microsoft Certified Azure Security Engineer Associate, CISSP, or equivalent.Thorough understanding of Identity and Access Management best practices in Public cloud.Deep and diverse experience architecting and implementing network security designs. Expert in network security, system security, and endpoint security.Thorough understanding of security vulnerabilities and misconfigurations in the cloud infrastructure.Thorough understanding of native cloud solutions like dockers, containers, Kubernetes, VDIs, cloud storage, cloud infrastructure, etc.Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001 / 2, and SSAE-18.Proven experience with products dealing with vulnerability management services which include Qualys, Nessus, Nexpose, etc.Practical experience with the development, implementation, and management of security-related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).Excellent customer service including strong written and oral communication skills.Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware / software tools.Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP / IP and related protocols, device monitoring and log management and event monitoring / reporting.Results-focused and attention to detail.Salary and Benefits
The salary range for this position is $137,127 - $172,873. The salary range information provided reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual salary will be commensurate with skills, experience, certifications or licenses, and other relevant factors. In addition, this role will be eligible to participate in either the annual performance bonus or commission program, determined by the nature of the position.
At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options that include :
Comprehensive Medical, Dental, and Vision401K with MatchingFlexible Time OffCorporate Fitness ProgramA variety of voluntary benefits such as Legal Plans, Accident and Hospital Indemnity, Pet Insurance, and much moreCommitment to Diversity
At Blue Yonder, we are committed to a workplace that genuinely fosters inclusion and belonging in which everyone can share their unique voices and talents in a safe space. We continue to be guided by our core values and are proud of our diverse culture as an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
J-18808-Ljbffr
Salary : $137,127 - $172,873
