Cloud Vulnerability Management Consultant - Level 4

Job Description

Description : We are seeking a skilled Cloud Vulnerability Management Operator to join our dynamic team. As an Cloud Vulnerability Management Operator, you will be responsible for identifying, assessing, and mitigating vulnerabilities across our multi-cloud environments. You will leverage native cloud tooling and services to ensure the security and integrity of our cloud infrastructure. What you will do: Work under the supervision and direction of the Threat and Vulnerability Operations Manager (TVM) and other senior members of the Security Operations team Develop strong working relationships with support teams, management, and cross-functional working groups Provide guidance to junior-level staffing where appropriate You would be responsible for reducing the Security risks in the cloud infrastructure environment Curate and ensure metrics and reporting are shared with leadership and key stakeholders, time to triage, time to respond Configure and maintain Cloud Posture Management tooling (CSPM) and provide guidance on secure infrastructure best practices Provide expertise within the Threat and Vulnerability Management program which includes Cloud Security Posture Management (CSPM) Develop technical security controls and secure configuration baselines for public cloud resources in AWS, Azure, and GCP Responsible for identifying, assessing, and mitigating vulnerabilities within a multi-cloud infrastructure Implement and leverage native cloud services to ensure the security and integrity of the multi-cloud infrastructure (e.g., AWS Inspector, GCP SCCP, Azure Defender) Ensure the regular scanning of instances and images to identify and assess vulnerabilities Assist with the tracking of the Infrastructure Bill of Materials (IBOM) to maintain an up-to-date inventory of all components and their security status Collaborate with development and operations teams to integrate security best practices into the CI/CD pipeline as it relates to posture management Review and ensure cloud infrastructure assets follow traditional CIS benchmarking standards and complete all required scanning (e.g., image scanning, VM, container, etc.) Create and maintain remediation tickets across our multi-cloud environment Proactively document and communicate deviations from standard baselines Fundamentals, Network/Endpoint Security, Cybersecurity Risk & Compliance, or Information Technology Strong organizational, interpersonal, and presentation skills Excellent written and oral communication skills Ability to multi-task and handle multiple projects at the same time Exceptional problem-solving, critical thinking, and analytical skills Desired Skills: 5-10+ years of Cloud Security experience Experience in Cloud Vulnerability management, configuration, and validation using various tools across multi-cloud environments Subject matter specialist or expert knowledge in AWS Inspector for Cloud, GCPs SCCP Cloud-related certification in either AWS or GCP Azure certification desired Awareness of metrics and reporting structure including experience with metrics curation tools (e.g., PowerBi) Proficiency using both the AWS Management Console and the AWS Command Line Interface (CLI) Proficiency in using both the GCP SCCP and the GCloud CLI commands Experience leading teams without a management role Possess at least five years of Linux and/or Windows System Administration knowledge Experience with vulnerability scanning tools and reporting Experience with vulnerability management scoring methodologies Knowledge of Cloud Posture Management tooling Knowledge of OWASP Top 10 Experience with the threat intelligence lifecycle Experience with application security frameworks Show more Show less