Cloud and DevSecOps Security Analyst

May 17, 2023

Role Purpose:
The role is operational in nature and focus on processing and responding to alerts generated by the Cloud Security, SaaS Security, and DevSecOps Tooling. The incumbent will work closely with the Blue Team to ensure that alerts and incidents are correctly handled.

Qualifications and Experience
Qualifications

  • Matric
  • Bachelor’s degree in computer science, informatics, or engineering.
  • AWS and Azure certifications recommended, specifically in the security competency.

Experience

  • 2 to 3 years of experience in an information security operation role (Blue team or SecOps team).
  • A minimum of 1 year of experience and exposure to the public cloud (AWS/Azure) and a demonstrated ability to learn new technology including associated security risks and controls.
  • Exposure to application security concepts and software development experience will be advantageous.

Responsibilities

  • Maintain a working knowledge of the current cloud security environment and industry trends to identify security control issues or areas of improvement and communicate this information to management.
  • Work with technical teams to ensure that security configuration of SaaS solutions like O365 are implemented correctly according to established baselines.
  • Handling of alerts/incidents identified by the SaaS Security Tooling in close collaboration with the CSIRT/Blue Team, Business Information Security Officers (BISO’s), and End-user Computing (EUC) team.
  • Handling of alerts/incidents identified by Cloud Security Tooling in close collaboration with the CSIRT/Blue Team.
  • Onboarding, development, and monitoring of DevSecOps controls within the application development environments of SGT client businesses (through BISO’s and application development teams).
  • Provide regular feedback and reporting on alerts/incidents identified by Cloud Security, SaaS Security, and DevSecOps Tooling.
  • Identify and implement areas of improvement and automation possibilities for Cloud Security, SaaS Security, and DevSecOps Tooling.

Knowledge and Skills

  • Security Auditing
  • Risk management
  • Incident Investigation
  • Reporting and Administration
  • Security tools monitoring

Personal Attributes

  • Interpersonal savvy – Contributing independently.
  • Decision quality – Contributing independently.
  • Plans and aligns – Contributing independently.
  • Optimizes work processes – Contributing independently.

Core Competencies

  • Cultivates innovation – Contributing independently.
  • Customer focus – Contributing independently.
  • Drives results – Contributing independently.
  • Collaborates – Contributing independently.
  • Being resilient – Contributing independently

Role Purpose:
The role is operational in nature and focus on processing and responding to alerts generated by the Cloud Security, SaaS Security, and DevSecOps Tooling. The incumbent will work closely with the Blue Team to ensure that alerts and incidents are correctly handled.

Qualifications and Experience
Qualifications

  • Matric
  • Bachelor’s degree in computer science, informatics, or engineering.
  • AWS and Azure certifications recommended, specifically in the security competency.

Experience

  • 2 to 3 years of experience in an information security operation role (Blue team or SecOps team).
  • A minimum of 1 year of experience and exposure to the public cloud (AWS/Azure) and a demonstrated ability to learn new technology including associated security risks and controls.
  • Exposure to application security concepts and software development experience will be advantageous.

Responsibilities

  • Maintain a working knowledge of the current cloud security environment and industry trends to identify security control issues or areas of improvement and communicate this information to management.
  • Work with technical teams to ensure that security configuration of SaaS solutions like O365 are implemented correctly according to established baselines.
  • Handling of alerts/incidents identified by the SaaS Security Tooling in close collaboration with the CSIRT/Blue Team, Business Information Security Officers (BISO’s), and End-user Computing (EUC) team.
  • Handling of alerts/incidents identified by Cloud Security Tooling in close collaboration with the CSIRT/Blue Team.
  • Onboarding, development, and monitoring of DevSecOps controls within the application development environments of SGT client businesses (through BISO’s and application development teams).
  • Provide regular feedback and reporting on alerts/incidents identified by Cloud Security, SaaS Security, and DevSecOps Tooling.
  • Identify and implement areas of improvement and automation possibilities for Cloud Security, SaaS Security, and DevSecOps Tooling.

Knowledge and Skills

  • Security Auditing
  • Risk management
  • Incident Investigation
  • Reporting and Administration
  • Security tools monitoring

Personal Attributes

  • Interpersonal savvy – Contributing independently.
  • Decision quality – Contributing independently.
  • Plans and aligns – Contributing independently.
  • Optimizes work processes – Contributing independently.

Core Competencies

  • Cultivates innovation – Contributing independently.
  • Customer focus – Contributing independently.
  • Drives results – Contributing independently.
  • Collaborates – Contributing independently.
  • Being resilient – Contributing independently

Desired Skills:

  • information security
  • public cloud (AWS/Azure)
  • security risks and controls

Learn more/Apply for this position