Be an early applicantLess than 25 applicants

Company

Blue Yonder · 14 hours ago

Sr. Lead Cloud Infrastructure Vulnerability Analyst

Scottsdale, AZ

Full-time

Remote

Senior Level, Lead/Staff

$137K/yr - $173K/yr

10+ years exp

Maximize your interview chances

CRMData Management

Growth Opportunities

H1B Sponsor Likely

Insider Connection @Blue Yonder

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Discover and continuously monitor for vulnerabilities in the public cloud infrastructure, cloud workloads including dockers, Kubernetes, and containers, etc.

Create golden images for virtual machines, dockers and containers to be spun up for the business.

Identify gaps in Identity and Management (IAM) in Public Cloud.

Perform vulnerability scans and report findings for On-prem and Cloud networks.

Publish the vulnerability status reports to senior management and track remediation.

Define and participate in implementation of On-prem and Cloud architecture and security controls.

Proactive identification of threats and risk remediation.

Discover the assets in the cloud infrastructure to identify and continuously monitoring for security vulnerabilities and misconfigurations.

Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.

Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.

Participate in and assist with incident response team, as appropriate.

Generate metrics for the Management as needed.

Prepare system security reports by collecting, analyzing, and summarizing data and trends.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Cloud Security ManagementVulnerability ManagementThreat DetectionCSPM ToolsPublic Cloud InfrastructureThreat IntelligenceAccess ManagementNetwork SecuritySecurity VulnerabilitiesSecurity FrameworksVulnerability Management ServicesSecurity TechnologiesInformation Security ConceptsIncident ResponseCloud Workload Protection

Required

10+ years of proven experience in Cloud Security and Vulnerability Management/Threat Detection.

10+ years of experience with at least one of the following CSPM (Cloud Security Management) tools; Prisma Cloud (Palo Alto Networks), Wiz, AWS Security Hub, Microsoft Defender for Cloud (formerly Azure Security Center), Check Point Cloud Guard, Lacework OR Orca Security.

Must have strong experience in at least one public cloud infrastructure; Microsoft Azure, Google GCP, or AWS (Azure highly preferred).

Strong understanding of Threat Sources/Feeds like CISA, Threat Intelligence, and the latest Vulnerabilities like Log4J, Spring4shell, etc.

Bachelor’s degree in Information Security, MIS or Computer Science.

Preferred

Certifications such as CCSK, CCSP, GCSA, Microsoft Certified Azure Security Engineer Associate, CISSP or equivalent.

Thorough understanding of Identity and Access Management best practices in Public cloud.

Deep and diverse experience architecting and implementing network security designs. Expert in network security, system security and endpoint security.

Through understanding of security vulnerabilities and misconfigurations in the cloud infrastructure.

Thorough understanding of native cloud solutions like dockers, containers, Kubernetes, VDIs, cloud storage, cloud infrastructure, etc.

Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.

Proven experience with products dealing with vulnerability management services which include Qualys, Nessus, Nexpose, etc.

Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).

Excellent customer service including strong written and oral communication skills.

Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.

Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.

Results focused and attention to detail.

Benefits

Comprehensive Medical, Dental and Vision

401K with Matching

Flexible Time Off

Corporate Fitness Program

A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more

Company

Blue Yonder

Glassdoor

4.2

Blue Yonder is a digital supply chain and omni-channel commerce fulfillment platform.

Founded in 1985

Scottsdale, Arizona, USA

5,001-10,000 employees

https://blueyonder.com

H1B Sponsorship

Blue Yonder has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (53)

2022 (87)

2021 (112)

2020 (84)