Cloud Security Analyst
Apply NowCompany: Futran Tech Solutions Pvt. Ltd.
Location: Santa Clara, CA 95051
Description:
Job requirements
IT Security Analyst
Cloud Security Analyst
Reporting to the IT Security Manager the IT Security Analyst is a position based in North Carolina
Responsibilities
Hands on experience on security testing tools such as Burp Suite Mimikatz Cobalt Strike PowerSploit Metasploit Qualys Web Inspect or other tools included within the Kali Linux distribution
Experience in security assessment activities within a clients environment emphasizing manual stealthy testing techniques using commercially freely available offensive security tools and utilities built into operating systems
Work closely with technical teams to assess the security posture of systems and applications through vulnerability assessments and penetration testing
Good understanding of cloud technologies and its security best practices
Finetune WAF policies and configurations to optimize security while minimizing false positives
Configure deploy and maintain Web Application Firewalls WAF in production and development environments
Coordinating investigations and reporting of security incidents related to Network Systems and applications
Coordinate and execute IT security projects for Arista at multiple locations
Engage in security research in keeping abreast of the latest security issues for Cloud enabled enterprises including SAAS and IAAS
Monitoring system compliance with the IT framework for controls and levels of access recommending improvements
Collaborate with other groups inside Arista to manage security vulnerabilities and help manage risks
Administer securitydedicated systems Software Firewall management EDR NDR log collection reporting analytics Cloud Security consoles as appropriate
Experience with CSPM tools such as WIZLacework Google Security Command Center
Terraform CloudFormation Forseti and other similar tools experience is highly desired
Conduct and collaborate on laptop and server forensics as well as Cloud Service Provider forensics with the global security team
Perform other related duties as assigned
Qualifications
BA or BSc in Computer Science Management Information Systems Information Assurance or related field
Advanced degree desirable
Must have 6 years of progressive experience in computing and information security
Knowledge of common adversary tactics and techniques eg obfuscation persistence defense evasion etc
Knowledge of Mitre ATTCK framework preferred
Good knowledge of security fundamentals Networking protocols TCPIP stack systems architecture and operating systems
Must have practical experience in Privacy Controls and implementing them in a corporate environment
Expert knowledge is desired of laptop operating systems MacOS Windows and Linux
Proven project management experience a bonus specifically experience in managing remote office configuration and bringing up and working with remote offsite vendors
Experience working in a large cloud or Internet software company
Business Application security analysis and practical experience is a plus eg SFDC NS SiSense
CISSP GIAC or other security certifications desired
Knowledge of information security standards eg ISO 1779927002 etc rules and regulations related to information security and data confidentiality eg FERPA HIPAA etc and desktop server application database network security principles for risk identification and analysis
This position requires some weekend and evening assignments as well as availability during offhours for participation in scheduled and unscheduled activities
IT Security Analyst
Cloud Security Analyst
Reporting to the IT Security Manager the IT Security Analyst is a position based in North Carolina
Responsibilities
Hands on experience on security testing tools such as Burp Suite Mimikatz Cobalt Strike PowerSploit Metasploit Qualys Web Inspect or other tools included within the Kali Linux distribution
Experience in security assessment activities within a clients environment emphasizing manual stealthy testing techniques using commercially freely available offensive security tools and utilities built into operating systems
Work closely with technical teams to assess the security posture of systems and applications through vulnerability assessments and penetration testing
Good understanding of cloud technologies and its security best practices
Finetune WAF policies and configurations to optimize security while minimizing false positives
Configure deploy and maintain Web Application Firewalls WAF in production and development environments
Coordinating investigations and reporting of security incidents related to Network Systems and applications
Coordinate and execute IT security projects for Arista at multiple locations
Engage in security research in keeping abreast of the latest security issues for Cloud enabled enterprises including SAAS and IAAS
Monitoring system compliance with the IT framework for controls and levels of access recommending improvements
Collaborate with other groups inside Arista to manage security vulnerabilities and help manage risks
Administer securitydedicated systems Software Firewall management EDR NDR log collection reporting analytics Cloud Security consoles as appropriate
Experience with CSPM tools such as WIZLacework Google Security Command Center
Terraform CloudFormation Forseti and other similar tools experience is highly desired
Conduct and collaborate on laptop and server forensics as well as Cloud Service Provider forensics with the global security team
Perform other related duties as assigned
Qualifications
BA or BSc in Computer Science Management Information Systems Information Assurance or related field
Advanced degree desirable
Must have 6 years of progressive experience in computing and information security
Knowledge of common adversary tactics and techniques eg obfuscation persistence defense evasion etc
Knowledge of Mitre ATTCK framework preferred
Good knowledge of security fundamentals Networking protocols TCPIP stack systems architecture and operating systems
Must have practical experience in Privacy Controls and implementing them in a corporate environment
Expert knowledge is desired of laptop operating systems MacOS Windows and Linux
Proven project management experience a bonus specifically experience in managing remote office configuration and bringing up and working with remote offsite vendors
Experience working in a large cloud or Internet software company
Business Application security analysis and practical experience is a plus eg SFDC NS SiSense
CISSP GIAC or other security certifications desired
Knowledge of information security standards eg ISO 1779927002 etc rules and regulations related to information security and data confidentiality eg FERPA HIPAA etc and desktop server application database network security principles for risk identification and analysis
This position requires some weekend and evening assignments as well as availability during offhours for participation in scheduled and unscheduled activities