Cloud Security Analyst


Tanium Inc. logo
Tanium Inc.
Apply now Apply later

Posted 2 weeks ago

The Basics:

The Cloud Security Analyst will drive continuous improvement across all phases of the Incident Response Lifecycle within public cloud environments. In addition to responding to emerging Cybersecurity threats, the Cloud Security Analyst will collaborate with architecture, engineering, and threat intelligence teams to develop and implement comprehensive monitoring and response strategies aligned to Tanium’s core businesses. Candidates are expected to consistently question the status quo and are enabled to take action to ensure the effectiveness of a distributed security operations program operating within DevOps centric workflows.

What you'll do:

  • Drive continuous improvement across all aspects of Security Operations in our Cloud environment
  • Perform daily event and incident triage (e.g., malware triage, network analysis, live response, etc.)
  • Develop and maintain security operations processes & documentation (e.g., runbooks, operating procedures, etc.)
  • Enhance detection and prevention controls (e.g., logic updates, exclusions, etc.)
  • Collaborate on design, architecture, and threat models to incorporate detection and monitoring requirements
  • Collaborate on response, containment, and remediation for confirmed security incidents
  • Work with different operating systems and cloud hosting providers (e.g., AWS, GCP, Azure, OCI)
  • Develop automation playbooks to improve the efficiency of operation processes
  • Seek opportunities for continuous improvement and drive efficiency 
  • Maintain working knowledge of attacker tactics, techniques, and procedures (TTPs)
  • Maintain event collection environment through health monitoring

We’re looking for someone with:

  • Education
    • Bachelor's Degree in Computer Science, IT or other relevant degree or equivalent work experience
  • Experience
    • In accordance with Department of Defense requirements, applicants for this role must be a U.S. citizen, national, or resident pursuant to 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3)
    • 2+ years working in a Security Operations or equivalent role
    • 2+ years responding to threats in AWS (GCP, Azure, OCI are nice to have), required
    • Experience analyzing cloud provider logs (e.g., CloudTrail) to identify and respond to security events, required
    • Strong foundation in cloud-native investigative techniques and incident response methodologies, required
    • Firm understanding of attacker tactics, techniques, and procedures and means of detection
    • Practiced with common cloud-based cybersecurity services (e.g. GuardDuty, Cloud Guard, Azure ATP)
    • Proficiency with security tools and platforms (e.g., SIEMs, vulnerability scanners, and malware analyzers)
    • Strong technical understanding of networking basics, including TCP/IP and layer 7 protocols
    • Familiarity with IDS/IPS systems and endpoint Antivirus and EDR products
    • Working knowledge DevOps concepts (e.g., Infrastructure as Code, Deployment Pipelines, etc.)
    • Ability to synthesize risks and derive detection countermeasures

About Tanium:

At Tanium, we offer a proven platform for endpoint visibility and control that transforms how the world's largest and most sophisticated organizations manage and secure their computing devices with unparalleled speed and agility. There’s a reason why more than half of the Fortune 100, top retailers and financial institutions, and four branches of the US Armed Forces rely on Tanium.

Our unstoppable spirit, drive to do the right thing and win as a team attitude has earned us the rank of 7th on the Forbes list of “Top 100 Private Companies in Cloud Computing” for 2019 and 10th on FORTUNE’s list of the “100 Best Medium Workplaces.”

On a mission. Together.

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.  

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things.

At Tanium, we take care of our employees and their communities with things like 5 days of Volunteer Time Off. 

Job tags: Architecture Automation AWS Azure C DevOps IDS Incident response IPS Malware TCP/IP Threat intelligence TTPs
Job region(s): North America Remote/Anywhere
Job stats:  29  2  0
  • Share this job via
  • or