Sr. Cloud Infrastructure Vulnerability Analyst

1 Month ago • 6-8 Years • Cyber Security

About the job

Job Description

Sr. Cloud Infrastructure Vulnerability Analyst responsible for CSPM & CWP, identifying security vulnerabilities and misconfigurations across cloud infrastructures. Must have 6+ years of experience in information security or vulnerability management and 4+ years of experience in cloud security, including expertise in at least one public cloud infrastructure (Azure highly preferred).
Must have:
  • Cloud Security
  • Vulnerability Management
  • Public Cloud
  • CSPM Tools
Good to have:
  • CCSK, CCSP
  • Threat Intelligence
  • IAM Best Practices
  • Network Security
Perks:
  • 401K Matching
  • Flexible Time Off
Not hearing back from companies?
Unlock the secrets to a successful job application and accelerate your journey to your next opportunity.

Role: Sr. Cloud Infrastructure Vulnerability Analyst

Synonymous Business Titles: Sr Risk Assessor, Cloud Security Analyst

Location: Dallas, TX or Scottsdale, AZ (remote schedule)

Overview: 

  • Blue Yonder is a Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work”  
  • Seeking an Sr. Cloud Infrastructure Vulnerability Analyst who would be responsible for Cloud Security Posture Management (CSPM), identifying security vulnerabilities including misconfigurations across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS).  
  • This candidate would also be responsible for Cloud Workload Protection (CWP), to provide continuous discovery and monitoring of vulnerabilities in the workloads deployed in the cloud infrastructure.
  • Candidate will be directly responsible for vulnerability management and threat management of the overall infrastructure and information assets.

Scope: 

  • Core responsibilities to include assessing and promoting remediation for all the assets in the Infrastructure as a Service (IaaS) and Software as a Service (SaaS).
  • Candidate will be a key member of the centralized information security team.

What you’ll do: 

  • Discover and continuously monitor for vulnerabilities in the public cloud infrastructure, cloud workloads including dockers, Kubernetes, and containers, etc.
  • Create golden images for virtual machines, dockers and containers to be spun up for the business.
  • Identify gaps in Identity and Management (IAM) in Public Cloud.
  • Perform vulnerability scans and report findings for On-prem and Cloud networks.
  • Publish the vulnerability status reports to senior management and track remediation.
  • Define and participate in implementation of On-prem and Cloud architecture and security controls.
  • Proactive identification of threats and risk remediation.
  • Discover the assets in the cloud infrastructure to identify and continuously monitoring for security vulnerabilities and misconfigurations.
  • Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
  • Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
  • Participate in and assist with incident response team, as appropriate.
  • Generate metrics for the Management as needed.
  • Prepare system security reports by collecting, analyzing, and summarizing data and trends.

What we are looking for:  

Required Qualifications:

  • 6-8 years of proven experience in Information security or Vulnerability Management.
  • 4 years of experience in Cloud security (Bachelor/Master’s degree can be substituted for experience).
  • Must have strong experience in at least one public cloud infrastructure; Microsoft Azure, Google GCP, or AWS (Azure highly preferred).
  • Must have worked with at least one of the following Cloud Security Posture Management tools; Wiz, Aqua Security, Prisma Cloud, or Orca.
  • Strong understanding of Threat Sources/Feeds like CISA, etc., Threat Intelligence, and the latest vulnerabilities like Log4J, Spring4shell, etc.
  • Bachelor’s degree in Information Security, MIS or Computer Science.

Nice to have Qualifications:

  • Certifications such as CCSK, CCSP, GCSA, Microsoft Certified Azure Security Engineer Associate, CISSP or equivalent. 
  • Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials. 
  • Thorough understanding of Identity and Access Management best practices in Public cloud.
  • Deep and diverse experience architecting and implementing network security designs. Expert in network security, system security and endpoint security. 
  • Through understanding of security vulnerabilities and misconfigurations in the cloud infrastructure.
  • Thorough understanding of native cloud solutions like dockers, containers, Kubernetes, VDIs, cloud storage, cloud infrastructure, etc.
  • Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18. 
  • Proven experience with products dealing with vulnerability management services which include Qualys, Nessus, Nexpose, etc. 
  • Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services). 
  • Excellent customer service including strong written and oral communication skills. 
  • Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools. 
  • Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting. 
  • Results focused and attention to detail. 

#LI-MH1

-------------------------------------------

The salary range for this position is $105,261.54 to $132,738.45

The salary range information provided, reflects the anticipated base salary range for this position based on current national data.  Minimums and maximums may vary based on location.  Individual salary will be commensurate with skills, experience, certifications or licenses and other relevant factors.  In addition, this role will be eligible to participate in either the annual performance bonus or commission program, determined by the nature of the position.

At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options that includes: 

  • Comprehensive Medical, Dental and Vision 

  • 401K with Matching 

  • Flexible Time Off 

  • Corporate Fitness Program 

  • A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more

At Blue Yonder, we are committed to a workplace that genuinely fosters inclusion and belonging in which everyone can share their unique voices and talents in a safe space. We continue to be guided by our core values and are proud of our diverse culture as an equal opportunity employer. We understand that your career search may look different than others, and embrace the professional, personal, educational, and volunteer opportunities through which people gain experience.

Our Values


If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values

Diversity, Inclusion, Value & Equity (DIVE) is our strategy for fostering an inclusive environment we can be proud of. Check out Blue Yonder's inaugural Diversity Report which outlines our commitment to change, and our video celebrating the differences in all of us in the words of some of our associates from around the world.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

View Full Job Description
$105.3K - $132.7K/yr (Outscal est.)
$119.0K/yr avg.
Dallas, Texas, United States

Add your resume

80%

Upload your resume, increase your shortlisting chances by 80%

About The Company

Bengaluru, Karnataka, India (On-Site)

Monterrey, Nuevo Leon, Mexico (Remote)

Bengaluru, Karnataka, India (On-Site)

Dallas, Texas, United States (Remote)

Bengaluru, Karnataka, India (On-Site)

Hyderabad, Telangana, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

View All Jobs

Get notified when new jobs are added by Blue Yonder

Similar Jobs

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Bounteous - Technical Delivery Lead

Bounteous, Canada (Remote)

Virtuos - Global Senior System Administrator

Virtuos, France (On-Site)

Arrow Electronics - Senior Cloud AD Engineer

Arrow Electronics, India (On-Site)

Teradata - Senior Product Manager

Teradata, India (On-Site)

Assurant - Lead DevOps Cloud Engineer

Assurant, India (Remote)

Hitachi - D365 F&O (Offshore Delivery)

Hitachi, India (Remote)

paypal - Sr. Software Engineer, Data Governance

paypal, United States (Hybrid)

Get notifed when new similar jobs are uploaded

Jobs in Dallas, Texas, United States

Fabric - Applied Researcher, Cryptography Hardware

Fabric, United States (Remote)

Alpha Sense - Product Specialist

Alpha Sense, United States (Remote)

The Walt Disney Company - Lead Data Analyst

The Walt Disney Company, United States (On-Site)

Acceldata - Resident Solutions Architect

Acceldata, United States (Remote)

The Walt Disney Company - Content Planning Associate

The Walt Disney Company, United States (On-Site)

paypal - Software Engineer - Java

paypal, United States (Hybrid)

Wolters Kluwer - Executive Assistant

Wolters Kluwer, United States (Hybrid)

Mashgin - Deployment Engineer - Tennessee

Mashgin, United States (Remote)

Zoox - Software Engineer - Perception Mapping

Zoox, United States (Hybrid)

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

bosh group india - SAP Authorization/Security Consultant

bosh group india, (Remote)

PwC - IT Project Management

PwC, Portugal (On-Site)

Blue Yonder - Senior Incident Response Analyst

Blue Yonder, Mexico (On-Site)

undefined - Staff Engineer, Embedded Security

Bengaluru, Karnataka, India (On-Site)

Trend Micro - Sales Engineer

Trend Micro, Netherlands (On-Site)

Saviynt - Account Executive

Saviynt, United States (Remote)

ION - Platform Security Analyst

ION, Italy (On-Site)

Unity - Senior Infrastructure Security Manager

Unity, United States (On-Site)

Get notifed when new similar jobs are uploaded