Security Analyst

stackArmor is a fast-growing AWS security and cloud migration services partner with a focus on delivering compliance focused services. We were ranked #136 in the INC 500 fastest growing private companies in North America. We are growing our team and looking for talented and enthusiastic AWS engineers to help us migrate, manage, and automate common security and operations functions.

We are looking for Security Analyst to join our team of cloud, security, and compliance experts. This role requires experience with ensuring the security, confidentiality, integrity, and availability of AWS-based applications and systems.

Responsibilities/Duties:

· System Compliance: Responsible for understanding the security baselines of the environments assigned and performing work in compliance with the standards set forth by the security baselines

· System Monitoring and Reporting: Reviews on a daily, weekly, or monthly basis the scans and dashboards created to monitor the assigned environments in compliance with the required standards. Reports must be generated on a defined reoccurring timeline based on the above scans and dashboards. Monitoring and Reporting requirements will include but are not limited to Splunk Alerts, Trend Micro dashboard, Vulnerability scans.

· Understand and operate in accordance with security authorization packages and procedures/plans for client requirements and FedRAMP or FISMA compliance including:

• System Security Plan(SSP)
• Contingency Plan(CP)
• Incident Response Plan(IRP)
• Plan of Action and Milestones(POA&M)
• Configuration Management Plan(CMP)
• Remediation Plan(s)

· Develops and maintains POA&Ms and supports remediation activities in coordination with the customer and Security Engineers.

· Maintains an inventory of hardware and software for information systems for the client.

· Develops, coordinates, tests, and trains on CPs and IRPs.

· Performs risk analyses to determine cost-effective and essential safeguards in response to Significant Change Requests (SCR).

· Reviewing, analyzing, and documenting security vulnerability and compliance scans

o Reporting and coordinating with customers on their role in remediation

o Communication through ticketing and verbal communication

· Supports CCB type activities

o Attends client meetings

o Provides continuous monitoring to enforce client security policy and procedures

o Creates processes that provide oversight of the clients internal ConMon Activities:

•  Ticketing
•  Reporting
•  Configuration Management

Requirements:

· Ability to actively and effectively communicate, interact, and solve critical customer problems.

· Ability to think and act strategically and proactively.

· Demonstrated experience with AWS, Systems Administration and Vulnerability Management. Industry certifications are a plus.

· Ability to work independently with minimal direction or supervision.

· Hands-on experience using and/or configuration of one or more of the following:

• Palo Alto Networks Firewalls
• Splunk Enterprise
• Tenable Security Center/Nessus
• TrendMicro Deep Security
• Anchore
• Twistlock
• Terraform
• Cloud formation
• Ansible