• Manage and Optimize Security Tools:
• Administer, configure, and optimize cloud (ie. remove the noise to make actionable data) security tools such as CSPM (Cloud Security Posture Management), CNAPP (Cloud Native Application Protection Platforms), and CWPP (Cloud Workload Protection Platform) to detect misconfigurations and security risks in real-time.
• Ensure that detection systems are calibrated for optimal performance, with minimal false positives and comprehensive coverage of cloud infrastructure.
• Misconfigurations and Vulnerabilities Identification:
• Continuously monitor cloud environments (AWS, Azure, GCP) to detect misconfigurations, vulnerabilities, and compliance issues.
• Perform thorough security assessments of cloud-based applications, infrastructure, and services to identify potential security weaknesses and risks.
• Work closely with internal teams to prioritize detected misconfigurations based on risk severity and business impact.
• Cross-Team Cloud Security Support:
• Provide expert guidance and support to various teams (DevOps, infrastructure, development, etc.) on initiatives involving cloud security.
• Ensure alignment of cloud security practices across the organization by actively participating in project planning, design reviews, and solution implementations.
• Log Analysis and SIEM Optimization:
• Analyze cloud logs to detect security incidents and ensure comprehensive coverage of cloud activities.
• Identify and troubleshoot gaps in log ingestion, ensuring that all relevant logs are properly ingested into the SIEM (Security Information and Event Management) for centralized monitoring and alerting.
• Incident Response and Threat Hunting:
• Support security incident response efforts by providing expertise on cloud security issues and misconfigurations.
• Generate regular reports and metrics to communicate cloud security posture to leadership and stakeholders, including the status of remediation efforts.
• Policy and Compliance:
• Ensure compliance with industry regulations, internal security policies, and best practices related to cloud environments (e.g., SOC 2, PCI-DSS, HIPAA, etc.).
• Develop and maintain documentation related to cloud security practices, processes, and procedures.

Education:

• Bachelor Degree in Computer Science, Information Security, or a related field is preferred

Experience:

• 2+ years of experience in cloud security engineering or similar roles, with hands-on experience securing cloud environments.
• Strong understanding of AWS native services and related logging capabilities.
• Proven experience managing security tools such as CSPM, CNAPP, vulnerability scanners, and SIEM platforms.

Technical Skills:

• Knowledge of cloud security frameworks (e.g., AWS Well-Architected Framework, CIS Benchmarks).
• Experience with log analysis, SIEM integration, threat hunting, and incident response in cloud environments.

Certifications (Preferred):

• Relevant cloud and security certifications (e.g., AWS Certified Security – Specialty, Azure Fundamentals, Cloud+, Security+).

MUST BE LOCAL TO TAMPA, FL for a hybrid work environment.

#LI-TD1

Special Working Conditions:

Important Notice:

This position description is intended to describe the level of work required of the person performing in the role and is not a contract. The essential responsibilities are outlined; other duties may be assigned as needs arise or as to support the Firm. All requirements may be modified to reasonably accommodate physically or mentally challenged colleagues.