Cloud Security Analyst Jobs

The Company:

Cypress Creek Renewables is powering a sustainable future, one project at a time. We develop, finance, own, and operate utility-scale and distributed solar and storage projects across the country. Fostering a diverse group of innovative thinkers from all backgrounds, Cypress people are drawn to work in a purpose-driven organization. We hope you will join us.

Summary:

We are seeking a Cloud Security Analyst to join our team and provide oversight of our cloud-based security practices. The successful candidate will be responsible for maintaining the security of our cloud-based systems and infrastructure, identifying, analyzing, managing potential security threats in cloud environments, and implementing solutions to mitigate those threats and report on them.

Key Responsibilities:

• Collaborate with cross-functional teams to implement security controls and solutions in cloud environments.
• Evaluate potential new applications for process improvement.
• Monitor cloud security systems and alerts to detect and respond to security incidents.
• Other tasks as assigned.
• Prepare reports that take note of security issues.
• Develop and maintain security documentation, including security plans, procedures, and policies.
• Work with Cloud Lead to Develop and implement security policies and procedures to ensure compliance with industry standards and regulations in cloud environments.
• Conduct regular security assessments and audits of cloud-based infrastructure and applications.
• Develop and maintain security plans for best standards and practices for the company.
• Perform security risk assessments and develop risk management plans.
• Conduct security awareness training for staff members.
• Work with Cloud Lead to develop best practice cloud security guardrails for deploying code, and cloud infrastructures.
• Familiar with using and administering the M365 App Suite
• Liaise with external auditors and regulatory bodies to ensure compliance with relevant regulations and standards.
• Configure and administer software that is for protecting sensitive information.
• Keep up to date with the latest security threats and trends and make recommendations for improvements to our security posture to senior leadership.
• Develop and maintain disaster recovery and business continuity plans for cloud-based systems.
• Respond to security incidents in cloud environments and conduct investigations/document as needed.
• Maintain up-to-date knowledge of the latest cloud security trends and technologies.
• Conduct security audits and vulnerability assessments on cloud-based systems and manage recommended remediations.

Qualifications:

• Network management knowledge a strong plus
• Ability to work effectively in a fast-paced environment with competing priorities.
• Experience with security tools in cloud environments such as SIEM solutions, vulnerability scanners, and penetration testing tools
• Able to implement and manage automations & orchestration (low code/no code)
• Strong knowledge of cloud security best practices and technologies
• Relevant industry certifications such as AWS Certified Security - Specialty or CompTIA Cloud+/Sec+, or Azure Security Engineer, CCSP, CISA, are highly desirable.
• 3+ years of experience in writing and enforcing security policy, standards, and practices.
• Practical experience with PowerShell desired.
• Ability to analyze and interpret security data in cloud environments and make recommendations for risk mitigation.
• Strong understanding of cloud security protocols and technologies (firewalls, intrusion detection/prevention systems, VPN, etc.)
• Experience with cloud-based security tools and services, such as AWS Security Hub, Azure Sentinel
• Bachelor's degree in Computer Science, Cybersecurity or a related field
• Experience with cloud platforms such as Azure and AWS
• Strong problem-solving and analytical skills
• Experience with DevSecOps practices and tools, such as Git, BitBucket, DAST, SAST, IAST,RASP
• Excellent verbal and written communication, collaboration skills
• 3+ years of experience in security analysis in cloud environments (Azure, AWS)
• Familiarity with security regulations in cloud environments such as ISO27001, SOC2, and GDPR

Location: Durham, NC office, hybrid schedule

A note to Recruiting Agencies Cypress Creek Renewables Human Resources team does not accept unsolicited resumes from third party recruiters, staffing firms, or related agencies. The Human Resources team coordinates all recruiting and hiring at our company. We do not accept resumes from third-party recruiters unless authorized by the Human Resources team and if a signed agreement is in place. Any unsolicited resumes will be considered property of CCR and we are not responsible for any related fees. All communication related to recruiting partnerships should ONLY be directed to the Human Resources team.

Cypress Creek Renewables is an equal opportunity employer and considers all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. We are committed to providing a workplace that is inclusive and values diversity, and we encourage candidates from all backgrounds to apply.