Cloud Analyst

As a Cloud Security Subject Matter Expert (SME) with 4 to 6 years of relevant experience, your role will involve designing, implementing, and maintaining robust cloud security architecture and controls for the cloud environments (public/multi-cloud) in line with best practices. You will configure, manage, and optimize CNAPP for cloud security posture management (CSPM), vulnerability management, misconfiguration detection, secrets management, identity & access management, and runtime risk detection. Your collaboration with DevOps, Cloud Engineering, and Product teams is essential to embed security practices into CI/CD pipelines, infrastructure as code, deployments, and operations. Your responsibilities also include implementing and enforcing security policies, governance, and compliance frameworks, performing security audits, risk assessments, and threat modeling, as well as monitoring security incidents and responding effectively to alerts/vulnerabilities. Key Responsibilities: - Design, implement, and maintain robust cloud security architecture and controls for cloud environments (public/multi-cloud). - Configure, manage, and optimize CNAPP for cloud security posture management (CSPM), vulnerability management, misconfiguration detection, secrets management, identity & access management, and runtime risk detection. - Collaborate with DevOps, Cloud Engineering, and Product teams to embed security practices into CI/CD pipelines, infrastructure as code, deployments, and operations. - Implement and enforce security policies, governance, and compliance frameworks. - Perform security audits, risk assessments, and threat modeling. - Monitor security incidents, respond effectively to alerts/vulnerabilities, and establish incident response/remediation workflows. - Maintain up-to-date knowledge of emerging cloud security threats, tools, and regulatory requirements; recommend improvements to our security posture. Desired Skills & Qualifications: - Prior experience working with CNAPPs (Wiz, Prisma Cloud, Orca, etc.) in real-world environments. - Strong knowledge of cloud providers (AWS, Azure, GCP, etc.), infrastructure as code (Terraform, ARM templates, etc.), containerization/Kubernetes. - Solid understanding of identity & access management, secrets management, least privilege models. - Hands-on experience in threat detection, vulnerability/managing misconfigurations, attack path analysis. - Good communication skills to translate technical risk into business impacts. - Relevant certifications preferred (e.g. CISSP, CCSP, AWS Certified Security, etc.).,