Cloud Security Operations Analyst (REMOTE)
The Senior Cloud Security Specialist will serve as a technical leader in cloud security operations, responsible for designing and implementing advanced threat detection and mitigation strategies across multi-cloud environments. This role demands deep expertise in cloud-native and CNAPP technologies, incident response, and forensic investigation. The SME will collaborate with Security Engineering & Architecture, CSOC, and governance teams to ensure a resilient and compliant cloud security posture. Key Responsibilities:
- Threat Detection & Investigation
- Deploy and optimize cloud-native and third-party threat detection platforms (e.g., AWS GuardDuty, Azure Defender, GCP SCC).
- Investigate alerts using telemetry, behavioral analytics, and AI/ML-based anomaly detection.
- Align detection logic with MITRE ATT&CK and CSA CCM frameworks
- Rule Creation & CNAPP Integration
- Author and tune detection rules leveraging CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca).
- Integrate CNAPP telemetry into SIEM/SOAR workflows for automated response
- Monitoring and manage security configurations for cloud services in a multi-cloud environment.
- Mitigation Strategy Development
- Design and implement dynamic playbooks for threat containment and remediation.
- Collaborate with DevOps and product teams to embed security controls into CI/CD pipelines.
- Exposure to cloud security guardrail automation, such as AWS SCP and Azure Policies.
- Incident Response & Forensics
- Lead incident triage and root cause analysis across cloud environments.
- Conduct forensic investigations using cloud-native tools and third-party platforms.
- Document findings and contribute to post-incident reviews and continuous improvement
- Security Architecture & Governance
- Provide guidance on secure cloud architecture, access controls, and data protection.
- Firm understanding of cloud security best practices and cloud well architected frameworks.
- Ensure compliance with SOX, GDPR, and internal governance policies
Required Skills & Abilities:
- Deep expertise in AWS, Azure, GCP, and OCI cloud security services.
- Hands-on experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca).
- Proficiency in threat detection rule creation, tuning and alert response leveraging tools such as CrowdStrike, Wiz Defend, AWS GuardDuty, etc.
- Respond to Kubernetes and Cloud Container threat alerts (e.g., unusual API invocations) and tune detection rules accordingly
- Strong knowledge of SIEM/SOAR platforms (e.g., Splunk, Sentinel, Elastic, Tines).
- Experience in cloud forensics and incident response workflows.
- Familiarity with infrastructure-as-code (IaC) tools (Terraform, CloudFormation).
- Strong analytical, investigative, and documentation skills.
- Excellent communication and leadership abilities.
Qualifications: 7+ years' experience in a cyber security, cyber investigations, cyber threat intelligence, or combination of these three roles. Undergraduate degree in technical discipline, Computer Science or related field required. Graduate degree preferred. CISSP, AWS Cloud Practitioner, AWS Certified Security - Specialty, or other cloud specific certifications preferred. Automation and scripting for WAF operations. Machine Learning and behavioral analytics for traffic anomalies. Special Factors Sponsorship Vanguard is not offering visa sponsorship for this position. About Vanguard At Vanguard, we don't just have a mission—we're on a mission. To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best. How We Work Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience. Apply tot his job Apply To this Job