Cloud Security Analyst

at Volkswagen Automotive Cloud
Published July 28, 2022
Location Redmond, WA
Category Default  
Job Type Full-time  

Description

The Cloud Security Analyst position will be based in Redmond, WA, with a role classification of hybrid remote.

The Cloud Security Analyst is responsible for helping to ensure security and compliance for VW Automotive Cloud. Key components include reviewing, identifying, analyzing and reporting security alerts and systems for VW Automotive Cloud. This person will be responsible for detecting, investigating and responding to security alerts utilizing Azure security capabilities (e.g. Azure Security Center and Sentinel). Additionally, this position will develop reports and dashboards regarding security objectives. The Cloud Security Analyst will be an integral part of the VW Automotive Cloud’s Information Security Team and will be required to have a broad understanding of information security concepts, processes, procedures, policies, and practices.

Responsibilities will include:

  • Review new and existing cloud-hosted applications and systems for vulnerabilities, and assess the health and security of cloud network architectures
  • Conducts vulnerability assessments and monitors systems, networks, and databases for possible security breaches and recommends improvements.
  • Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
  • Partner with Security Engineering to troubleshoot security vulnerabilities. identify root cause, fix and document problems, and implement preventive measures
  • Proactively review information security systems to identify areas for improvement
  • Collaborate with other teams and departments to fit security and compliance requirements with other constraints such as business requirements or technology limitations
  • Analyze and assess potential vendors and solution partners to address security, compliance, and business needs
  • Develop, facilitate, and promote activities to create information security and privacy awareness throughout the Company
  • Coordinate with Engineering and DevOps teams to advocate secure coding practices
  • Create reports or dashboards providing a summary of information security objectives and status
  • Partner with Security Engineering to maintain and expand knowledge of best practices and emerging trends in general information security
  • Develop, review, and implement information security policies, standards, and procedures that promote or ensure the safeguarding of confidentiality, integrity, and availability of information systems and data

Years of Relevant Experience

  • 5-7 years of progressive experience in Information Technology or
  • 3+ years of progressive experience in Information Security, Audit, Risk or Compliance

Required Education

  • Bachelor’s degree or equivalent work experience in IT

Desired Education

  • Bachelor's degree in Computer Science, Computer Engineering, Cyber Security or Information Assurance

Required Skills

  • Team participation with openness to dialogue
  • Working seamlessly in a distributed team via collaboration tools
  • Ability to learn fast, adapt to new technology and acquire/keep current with industry certification
  • Excellent verbal, written, presentation and other interpersonal communication skills
  • Ability to convey complex technical concepts effectively to a variety of audiences
  • Ability to inform, educate and influence managers and employees to support goals and initiatives
  • Solid analytical/problem-solving skills with the capability to identify solutions to unusual and complex problems
  • Must have a desire for gaining new knowledge, behaviors and skills
  • Builds on and applies existing knowledge
  • Engages in learning from others, inside and outside the organization
  • Tries new approaches and broadens the scope of work to learn from work assignments
  • Solid understanding and knowledge of information technologies including operating systems, networking, data management, cloud computing (SaaS, PaaS, IaaS)
  • Familiarity MITRE ATT&CK Framework
  • Solid understanding and knowledge of Security SEIM / SOAR concepts and applied practices
  • Strong Knowledge of networking protocols and cybersecurity best practices in a cloud environment

Desired Skills

  • CISSP and/or GIAC or similar professional security certifications highly preferred
  • In-depth knowledge of security and privacy standards and frameworks such as NIST 800-53, ISO 27001, GDPR, CCPA/CPRA
  • Experience in Information Security, Risk Management, Compliance, or Auditing

Work Flexibility

  • Limited business travel may be required
  • Onsite, remote work options dependent on team operating model and initiative
  • Flexibility to work outside of core hours (Monday – Friday) to support business demand

We are proud to be an EEO employer M/F/D/V. We maintain a drug-free workplace and perform pre-employment substance abuse testing.

Only registered members can apply for jobs.