TekStaff's Client has a current vacancy for "Security Analyst"

Job Description Typical Day in Role: The incumbent is responsible for supporting the Senior Manager, Director, CIO, and CSO in achieving enterprise security strategic goals through various processes, including: Contribute to the success of our cloud transformation by supporting the review and triage of the findings flagged by Cloud-Native Application Protection Platforms (CNAPP). Develop and/or enhance strategies and processes to manage the security vulnerabilities and threats for cloud-native applications. Develop and/or enhance reporting to development teams, and all levels of management to provide proper tracking and measurement of remediation relative to established objectives. Leverage AI-assisted capabilities to support the triage and prioritization of CNAPP findings, improving signal-to-noise ratio and accelerating identification of true risk across cloud environments. Collaborate with stakeholders across the Bank — you will work closely with Development and Engineering, DevOps, Cloud, Application Security, and other application owner teams across the organization to deliver Cloud Security capabilities for the Bank. Utilize AI-driven insights and tooling to analyze cloud misconfigurations, identify root causes, and recommend effective remediation strategies. Review and recommend remediations for Cloud Workload Protection Platform (CWPP) vulnerabilities, and Cloud Security Posture Management (CSPM) findings. Recommend, design, implement, deploy, and maintain Application Security controls required to protect client’s bank and its customers. Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate the identified risk. Understand how the Bank’s risk appetite and risk culture should be considered in day-to-day activities and decisions Candidate Requirements/Must Have Skills:

1. 10+ years’ relevant working experience in IT (development, DevOps, cloud security etc.)
2. 4+ years’ experience with popular CI/CD tools and processes like BitBucket/GitHub, Jfrog Artifactory, Jenkins, Azure DevOps, GitLab CI/CD, CircleCI.
3. 2+ years’ experience with Cloud Security domains like CNAPP, CWPP, CSPM and/or tools like SCCE, CrowdStrike, Prisma Cloud, Aqua Enterprise, MS Defender etc.
4. 5+ years’ experience with documenting process, procedure, and user guide.

Nice-To-Have Skills:

• GCP PCSE Certification
• experience with large organization cloud transformation.
• experience as a DevSecOps Engineer, with demonstrated experience in security integration, automation of security processes, risk assessment and mitigation. -GCP/Azure experience TekStaff may use artificial intelligence (AI) tools as part of the applicant screening process. However, applications will also be reviewed by a member of our Recruitment team to ensure a fair and thorough assessment.