- Familiarity with Azure SSO integration and SCIM automated user provisioning
- Experience with IAM / Modern Authentication / Identity tooling is a plus (e.g., ServiceNow, MFA, Security Token, OAUTH, Azure AD conditional access, AWS, etc.)
- Working knowledge of security risk oversight, CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), and technical security vulnerability remediation/mitigation
- Practical experience analyzing cloud infrastructure vulnerability data to understand and communicate risks, concerns, and outcomes of decisions
- Accountable for tracking application vulnerabilities through security tools and meeting with development teams to formulate remediation plans
- Prepare reports detailing metrics and KPIs of the security program and tools
- Build automation to actively audit the infrastructure for security misconfigurations by using cloud-native policies/scripts
- Work closely with the Product Engineering, Platform and Security Architecture teams to engineer and implement cloud security controls with a focus on DevSecOps
- Ability to design and implement secrets management solutions in cloud environments, including hands-on experience in building out systems utilizing tools such as AWS Secrets Manager or Azure Key Vault
- Experience in CI/CD pipeline using Jenkins, IaC like Terraform added advantage
- Broad knowledge of web standards relating to APIs (OAuth, SSL, CORS, JWT, etc.)
- Proficiency in scripting and programming languages like Python, PowerShell, or Bash
- Conduct thorough investigations of security incidents to determine the root cause and impact
- Proactively identify potential security vulnerabilities and weaknesses in the system and recommend appropriate remediation actions
- Participate in tabletop exercises and simulations to test and improve incident response plans
- Prepare detailed incident reports, documenting the findings, actions taken, and lessons learned
- Bachelors degree in information security, cybersecurity, or a related field
- 4+ years of experience with Azure DevOps, Azure Security, or a similar role within an enterprise-level organization
- Strong scripting skills in PowerShell
- Experience with infrastructure as code (IaC) concepts & being open to working with PowerShell+ DSC as your main IaC tool
- Solid understanding of incident response methodologies, tools, and frameworks
- Experience with change-management policies and procedures
- Excellent problem-solving skills and the ability to think critically under pressure
- Strong communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders
- Relevant certifications such as Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP), or Azure certifications
- Experience working with common security protocols, encryption, server technologies, modern authentication, and cloud app authorization architectures
- Familiarity with query languages, advanced queries, and penetration testing tools
- Knowledge of the MITRE ATT&CK framework or NIST Cyber Security Framework (CSF)
-
IT Security Analyst
2 weeks ago
Global Channel Management Raleigh, United StatesAbout the job IT Security Analyst · IT Security Analyst needs 3+ years experience · IT Security Analyst requires: · IT security · Cyber security · Banking industry · Finance industry · IT Security Analyst duties: · Supports Information Security and Cyber Threat management ...
-
Security Analyst
2 weeks ago
Arch Capital Group Ltd. Raleigh, United StatesWith a company culture rooted in collaboration, expertise and innovation, we aim to promote progress and inspire our clients, employees, investors and communities to achieve their greatest potential. Our work is the catalyst that helps others achieve their goals. In short, We Ena ...
-
Security Analyst
2 weeks ago
TEKsystems Raleigh, United StatesJob Description · Job Description3224149 · ** U.S. Citizens ** · 18-Month contract to hire · Top Skills: · 1. Experience with supporting end customers and providing professional and/or customer support. This person should have a background dealing with the end customer and resol ...
-
Information Security Analyst
2 weeks ago
Kimley-Horn & Associates, Inc. Raleigh, United StatesFamiliarity with Azure SSO integration and SCIM automated user provisioning. Experience with IAM / Modern Authentication / Identity tooling is a plus (e.g., ServiceNow, MFA, Security Token, OAUTH, Azure AD conditional access, AWS, etc.)Working knowle Security Analyst, Security, I ...
-
Information Security Analyst
3 weeks ago
TMS Raleigh, United StatesJob Description · Job DescriptionRole: Information Security AnalystDuration: Long TermLocation: Raleigh, NC, HybridHybrid role (3 Days WFO, 2 Days WFH)Local candidates are preferred, can consider relocation for strong candidate only. Skills: Broadcom Proxy, Web Content Filtering, ...
-
Information Security Analyst
1 week ago
Kimley-Horn Raleigh, United StatesOverview · Kimley-Horn, one of Fortune Magazine's "100 Best Companies to Work For," is looking for a Cloud Security Analyst to join the Information Security team in our Raleigh, NC office. As a Cloud Security Analyst, you will play a critical role in ensuring the security of our ...
-
Application Security Analyst
6 days ago
CGI Raleigh, United StatesApplication Security Analyst - Hybrid · Category: Cyber Security · Main location: United States, Various · Alternate Location(s): United States, North Carolina, Raleigh · United States, Ohio, Cleveland · Position ID:J · Employment Type: Full Time · Position Description: · C ...
-
Sr Cyber Security Analyst
2 weeks ago
Optomi Raleigh, United StatesSr. Incident Response Security Analyst (L2/L3 SOC) – 100% remote · Optomi, in partnership with a global enterprise level client in the healthcare and pharma industry is looking to add a strong incident responder to their team The Sr Cyber Security Analyst will assist at a Tier 3 ...
-
Information Security Analyst I
3 weeks ago
Curi Raleigh, United States· About UsCuri is a full-service advisory firm that serves physicians and medical practices. Equal parts fierce physician advocates, smart business leaders, and thoughtful partners, Curi's advisory, capital, and insurance offerings deliver valued advice that is grounded in clien ...
-
Information Security Analyst I
2 weeks ago
Curi Raleigh, United StatesAbout Us · Curi is a full-service advisory firm that serves physicians and medical practices. Equal parts fierce physician advocates, smart business leaders, and thoughtful partners, Curi's advisory, capital, and insurance offerings deliver valued advice that is grounded in clien ...
-
Senior Information Security Analyst
20 hours ago
Pierce Corporation Raleigh, United StatesCollaborate in defining and implementing strategic security goals by identifying optimal approaches and determining the necessary tools, technologies, tasks, processes, and metrics for execution · Facilitate the implementation of operational processes and maintain continuous sup ...
-
Senior Information Security Analyst
2 weeks ago
Pierce Technology Corp Raleigh, United StatesJob Description · Job DescriptionCollaborate in defining and implementing strategic security goals by identifying optimal approaches and determining the necessary tools, technologies, tasks, processes, and metrics for execution · Facilitate the implementation of operational proce ...
-
Security Analyst II, Proofpoint Engineer
2 weeks ago
5Iron Raleigh, United StatesSecurity Analyst II, Proofpoint Engineer · ESSENTIAL JOB FUNCTIONS · Manage existing Proofpoint Advanced Threat Protection/Email Protection platforms including: · Email Fraud Defense, Threat Response Auto-Pull, Targeted Attack Protection, Threat Response, Emerging Threats Intel ...
-
Connvertex Technologies Inc. Raleigh, United StatesJob Description · Job DescriptionApplication Security Integration Analyst/Engineer · Location: Raleigh, NC (Hybrid) · Duration: 1 year (Renewable · Experience: Minimum 5 years (More experience is acceptable for this analyst role) · What We Do · We are the Application Security te ...
-
Senior Security Risk Analyst #3496
3 weeks ago
GRAIL, LLC Raleigh, United States Full timeGRAIL is a healthcare company whose mission is to detect cancer early, when it can be cured. GRAIL is focused on alleviating the global burden of cancer by developing pioneering technology to detect and identify multiple deadly cancer types early. The company is using the power o ...
-
Security Analyst II, Proofpoint Engineer
1 week ago
5Iron Raleigh, United StatesManage existing Proofpoint Advanced Threat Protection/Email Protection platforms including: · Email Fraud Defense, Threat Response Auto-Pull, Targeted Attack Protection, Threat Response, Emerging Threats Intelligence, Data Loss Prevention (DLP) and Encryption. · Implement new in ...
-
Senior Security Risk Analyst #3496
3 weeks ago
GRAIL, LLC Raleigh, United States Full timeGRAIL is a healthcare company whose mission is to detect cancer early, when it can be cured. GRAIL is focused on alleviating the global burden of cancer by developing pioneering technology to detect and identify multiple deadly cancer types early. The company is using the power o ...
-
Truist Financial Corporation Raleigh, United StatesResponsible for developing and maintaining the technical IT/cyber security capabilities necessary for safeguarding the firm's information systems and applications (software development lifecycle), including every phase of the SDLC and software stack. Cybersecurity Analyst, Securi ...
-
Information Security Analyst
2 weeks ago
cPrime Cary, United StatesCprime · Enterprise IT, and Agile solutions. Partner of choice for Fortune 100 companies looking to achieve value and agility. Atlassian Platinum Solution Partner. · View company page · A Goldman Sachs | Everstone company, Cprime is a global consulting firm helping transformin ...
-
Cyber Security Analyst
5 days ago
MetLife Cary, United StatesCyber Security Analyst · Location(s) · Posting Location:Cary, North Carolina · Country · United States · Working Schedule · Full-Time · Work Arrangement · Hybrid · Relocation Assistance Available · No · Posted Date · 17-May-2024 · Job ID · 2513 · Description and Re ...
Information Security Analyst - Raleigh, United States - Kimley-Horn
Description
Overview:
Kimley-Horn, one of Fortune Magazines 100 Best Companies to Work For, is looking for a Cloud Security Analyst to join the Information Security team in our Raleigh, NC office. As a Cloud Security Analyst, you will play a critical role in ensuring the security of our organization's technology infrastructure and assets. You will be responsible for ensuring the security of our cloud infrastructure and applications, as well as identifying and mitigating security risks.
This is not a remote position.
Responsibilities:Desired Skills:
Applicants must be legally authorized to work for Kimley-Horn in the U.S. without employer sponsorship. We do not typically sponsor H1-B or any other work visa petitions.