Cloud SOC Analyst - Hybrid

Job Description:
As a Cloud SOC Analyst, you will join a dynamic 24x7x365 team dedicated to monitoring, analyzing, and responding to security threats within cloud environments. This role requires a technical and proactive individual to manage incidents, improve security posture, and collaborate across teams to safeguard the organization's cloud assets.

Key Responsibilities:

• Monitor and analyze alerts from cloud security tools such as AWS Security Hub, Microsoft Defender for Cloud, and Google Chronicle.
• Investigate and respond to potential security incidents within AWS, Azure, and GCP environments.
• Conduct log analysis using SIEM tools like Splunk and Google SecOPS.
• Lead incident response activities, including containment, remediation, and root cause analysis.
• Create detailed incident reports and recommend preventive measures.
• Identify and remediate cloud misconfigurations using tools like Prisma Cloud, AWS Config, or Azure Security Center.
• Develop and implement custom detection rules and scripts to enhance monitoring capabilities.
• Collaborate with DevOps, IT, and security teams to ensure secure cloud configurations.
• Provide guidance and training to junior analysts on cloud security best practices.
• Support audits and ensure compliance with security frameworks such as CIS, NIST, and ISO 27001.

Required Skills, Experiences, Education, and Competencies:

• 3-5 years of cybersecurity experience, with at least 2 years in cloud security or SOC roles.
• Hands-on experience with cloud platforms like AWS, Azure, and GCP, and CSPM solutions such as Prisma.
• Proficiency in SIEM tools and cloud-native security technologies.
• Strong understanding of security frameworks, including MITRE ATT&CK, NIST CSF, and CIS Benchmarks.
• Proficiency in scripting languages like Python, PowerShell, or Bash.
• Familiarity with packet structure, in-depth packet analysis, and securing common operating systems.
• Experience analyzing log sources from security and networking devices such as firewalls, routers, proxies, and operating systems.
• Strong knowledge of Windows and Unix/Linux command line tools.
• Familiarity with incident response frameworks like SANS or NIST.
• Exceptional problem-solving, analytical, and communication skills.
• Relevant certifications such as AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer Associate, CCSK, or CCSP are preferred.
• Experience with automation tools like Terraform or Ansible, CI/CD pipelines, and Zero Trust principles is a plus.

The hourly range for roles of this nature are $50.00 to $80.00/hr. Rates are heavily dependent on skills, experience, location, and industry.

cyberThink is an Equal Opportunity Employer.