Blue Yonder · 12 hours ago
Sr. Lead Cloud Infrastructure Vulnerability Analyst
Maximize your interview chances
CRMData Management
Growth OpportunitiesH1B Sponsor Likely
Insider Connection @Blue Yonder
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Discover and continuously monitor for vulnerabilities in the public cloud infrastructure, cloud workloads including dockers, Kubernetes, and containers, etc.
Create golden images for virtual machines, dockers and containers to be spun up for the business.
Identify gaps in Identity and Management (IAM) in Public Cloud.
Perform vulnerability scans and report findings for On-prem and Cloud networks.
Publish the vulnerability status reports to senior management and track remediation.
Define and participate in implementation of On-prem and Cloud architecture and security controls.
Proactive identification of threats and risk remediation.
Discover the assets in the cloud infrastructure to identify and continuously monitoring for security vulnerabilities and misconfigurations.
Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
Participate in and assist with incident response team, as appropriate.
Generate metrics for the Management as needed.
Prepare system security reports by collecting, analyzing, and summarizing data and trends.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
10+ years of proven experience in Cloud Security and Vulnerability Management/Threat Detection.
10+ years of experience with at least one of the following CSPM (Cloud Security Management) tools; Prisma Cloud (Palo Alto Networks), Wiz, AWS Security Hub, Microsoft Defender for Cloud (formerly Azure Security Center), Check Point Cloud Guard, Lacework OR Orca Security.
Must have strong experience in at least one public cloud infrastructure; Microsoft Azure, Google GCP, or AWS (Azure highly preferred).
Strong understanding of Threat Sources/Feeds like CISA, Threat Intelligence, and the latest Vulnerabilities like Log4J, Spring4shell, etc.
Bachelor’s degree in Information Security, MIS or Computer Science.
Preferred
Certifications such as CCSK, CCSP, GCSA, Microsoft Certified Azure Security Engineer Associate, CISSP or equivalent.
Thorough understanding of Identity and Access Management best practices in Public cloud.
Deep and diverse experience architecting and implementing network security designs. Expert in network security, system security and endpoint security.
Through understanding of security vulnerabilities and misconfigurations in the cloud infrastructure.
Thorough understanding of native cloud solutions like dockers, containers, Kubernetes, VDIs, cloud storage, cloud infrastructure, etc.
Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
Proven experience with products dealing with vulnerability management services which include Qualys, Nessus, Nexpose, etc.
Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).
Excellent customer service including strong written and oral communication skills.
Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
Results focused and attention to detail.
Benefits
Comprehensive Medical, Dental and Vision
401K with Matching
Flexible Time Off
Corporate Fitness Program
A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more
Company
Blue Yonder
Blue Yonder is a digital supply chain and omni-channel commerce fulfillment platform.
H1B Sponsorship
Blue Yonder has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (53)
2022 (87)
2021 (112)
2020 (84)
Funding
Current Stage
Late StageTotal Funding
$575MKey Investors
Panasonic
2021-03-08Acquired· by Panasonic ($5.6B)
2020-05-20Secondary Market· Undisclosed
2016-10-13Private Equity· $575M
Recent News
2024-10-31
2024-05-28
2024-05-18
Company data provided by crunchbase