About the Role
Job Description
We are seeking a Cloud Security Analyst with 2–3 years of hands-on AWS Cloud Engineer or Cloud Operations experience who has moved into (or is moving into) cloud security. This role requires someone who has worked directly in AWS production environments and can apply that operational knowledge to identify, analyze, and remediate security risks using modern cloud security tools.
This is not an entry-level security role and not a penetration testing position. The role is focused on cloud security operations (SOC-style), ownership of findings, and driving remediation.
Key Responsibilities
Monitor and analyze cloud security posture across AWS environments using:
Upwind (CSPM)
AWS Security Hub
AWS GuardDuty
AWS Inspector
Monitor and respond to endpoint and workload security alerts using SentinelOne
Identify, assess, and track:
CVEs
IAM misconfigurations
Cloud infrastructure security risks
Logically analyze and triage security alerts/events and determine appropriate response and escalation
Drive remediation of security findings by working directly with Cloud Engineering, DevOps, and Operations teams
Apply hands-on AWS operational knowledge to recommend practical, implementable security fixes
Maintain clear documentation of:
Security findings
Risk assessments
Remediation actions and outcomes
Communicate security risks, priorities, and remediation status clearly to technical teams and leadership
Support internal security standards, compliance requirements, and best practices
Continuously improve cloud security workflows, alerting, and operational processes
Qualifications
Required Skills & Experience (Must Have)
2–3 years of hands-on experience as an AWS Cloud Engineer or Cloud Operations Engineer
Direct experience operating production AWS environments
Strong hands-on knowledge of AWS services, including:
IAM, EC2, VPC, Security Groups, CloudTrail, CloudWatch
Experience using cloud and endpoint security tools such as:
Upwind (or similar CSPM platform)
AWS Security Hub
AWS GuardDuty
AWS Inspector
SentinelOne
Strong understanding of cloud security fundamentals, including:
CVEs
IAM misconfigurations
Secure cloud architecture principles
Experience in a cloud security operations or SOC-style environment
Ability to logically evaluate security alerts and determine next steps
Strong written and verbal communication skills
Proven ability to work cross-functionally and drive issues to closure
Detail-oriented with strong documentation and organizational skills
Nice to Have
Hands-on experience with Upwind or another CSPM tool
Experience supporting SaaS platforms or regulated environments (e.g., healthcare, financial services)
Exposure to compliance frameworks and internal security standards
Background in DevOps or SRE-style operational teams
Experience working with globally distributed teams
What We’re Looking For
Someone who has actually built and operated AWS environments, not just reviewed them
A self-starter who takes ownership of security findings end-to-end
A strong communicator who can bridge cloud engineering and security
A practical, execution-focused security professional
What Success Looks Like in This Role
Security alerts are triaged quickly and accurately
Findings are driven to remediation, not just reported
Engineering teams trust and act on security recommendations
Cloud security posture measurably improves over time
Repeated misconfigurations and vulnerabilities are reduced
Tech Stack
AWS, IAM, EC2, VPC, CloudTrail, CloudWatch, Upwind, AWS Security Hub, AWS GuardDuty, AWS Inspector, SentinelOne, cloud security, CVE analysis