ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Senior Cloud Security Operations Analyst who will serve as the organization's technical analyst, assessing the cyber operations capabilities required across multiple cloud environments (O365, Azure, AWS, Oracle) and developing appropriate detection measures in a mixed Elastic and Splunk environment. The candidate will analyze available cloud environment data feeds, network monitoring and filtering systems (including IDS/IPS), and endpoint protection platforms in order to develop unified detection measures; ensure the rigorous application of information security/information assurance policies, principles, and practices; and use network, host, and cloud-based data to drive detection, monitoring, and response capabilities.

Roles and Responsibilities

  • Research, design, and implement cybersecurity solutions to protect sensitive information in AWS, Azure, and GCP
  • Investigate new techniques, break free from the legacy model, and go where the industry is going
  • Provide systems security authorization support and oversee information security activities related to the deployment of an emerging enterprise cloud solution
  • Drive security accreditation support and maintain authorization to account for any new capabilities deployed to the enterprise cloud
  • Evaluate container security to support dynamic and immutable cloud infrastructure
  • Apply experience implementing controls from NIST 800-53, FedRAMP, ICD 503, RMF, and related security regulations, and use native cloud security and monitoring services, including network firewalls, access control lists, encryption, auditing and monitoring, alerting, secrets management, and compliance scanning
  • Create detection analytics based on the MITRE ATT&CK framework and other security frameworks
  • Perform original research on adversary Tactics, Techniques, and Procedures (TTPs)
  • Support the operations team during incident response by analyzing host behavior and network traffic
  • Authorized to view audit records on Central Log Server
  • Authorized to view alerts of IDS/IPS
  • Authorized to modify auditable events on Central Log Server
  • Overtime may be required as needed to support incident response actions (Surge)

Required Skills

  • Strong written and verbal communication skills
  • Strong understanding of common enterprise technologies
  • Ability to convey extremely technical concepts to audiences with varying technical understanding
  • Network traffic analysis and host-based log analysis
  • Comprehensive understanding of enterprise Windows security (Active Directory)
  • Static and Dynamic malware analysis
  • Practical knowledge of at least one scripting or development language (e.g. PowerShell or Python)

Must have working familiarity with two of the following products:

  • FireEye
  • Splunk
  • Elastic
  • Carbon Black Response
  • Fidelis Network

Education Requirement

  • Bachelor’s degree in Cybersecurity or IT field

Location

  • Washington, D.C.

Security Clearance

  • Must have a Top Secret clearance with SCI eligibility

Sound like the job for you?

Send us a link to your resumé or portfolio to become part of our talent pool.
