Cloud Security Analyst (#01378)

Information Technology Services, Inc.   Norfolk, VA   Full-time     Information Services / Technology (IT)
Posted on September 13, 2023
Apply Now

Information Technology Services (ITS) at Old Dominion University is seeking a full-time Cloud Security Analyst to provide support to the University’s computing environment through research, testing and evaluating computer security products and procedures to provide the campus with a reliable and secure computing environment. This employee will hold responsibility for defining, coordinating, and monitoring the Information Security environment and investigating suspected violations of Information Security policies with emphasis on cloud computing environments. This position relates to the department objective by providing the information security needed to support the high quality and reliability of the services offered by ITS and across ODU.

Required qualifications include:

  • Considerable knowledge of computer security monitoring tools and identity systems.
  • Considerable knowledge as a cybersecurity practitioner with exposure to Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and virtualization platforms.
  • Considerable IAM knowledge, including LDAP, OAuth and OpenID.
  • Considerable knowledge of cloud security tools such as Cloud Access Security Broker (CASB), or Cloud Security Posture Management (CSPM), Cloud Identity Entitlement Management (CIEM), or Cloud Workload Protection(CWP).
  • Considerable knowledge of scripting languages such as Python, Ruby, PowerShell, and JavaScript.
  • Considerable understanding of incident response, system configuration, vulnerability management, and hardening guidelines in an enterprise environment.
  • Some knowledge of network and encryption, including virtual private networks (VPNs), IPsec, SSL/TLS, and public key infrastructure (PKI).
  • Some knowledge of orchestration tools such as AWS CloudFormation, Terraform, and Kubernetes. ·
  • Some knowledge of development, configuration, and application security tools such as Git and Docker, Jenkins, Chef, Puppet, and Ansible, SAST and DAST tools.
  • Demonstrated Linux and Windows support skills.
  • Strong problem-solving skills necessary to manage complex local and international security requirements.
  • Good collaboration skills with technical and non-technical teams to promote ideas to support business enablement.
  • Demonstrated ability to act with integrity, be adaptable, and communicate effectively.
  • Demonstrated ability to work independently, be well-organized, and position controls in anticipation of threats.

Additional Considerations include:

  • Considerable experience in establishing and maintaining a secured computing environment.
  • Working experience and understanding of various regulatory requirements and laws, including but not limited to: Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), FERPA, and CUI/CMMC.
  • Basic understanding of scripting for automation, data mining, reporting, metrics, and alerts.
  • Some knowledge of system risk analysis and risk assessment concepts.
  • Additionally, some experience in one or more of the following: ISO 27001/2 or NIST.
  • Some knowledge of international and state privacy laws.
  • Some leadership experience to help with the organizational and team dynamics in a growing field.
  • Bachelor’s Degree in Computer Science (or related discipline) and/or compensating experience in the field of computer security.
  • Working experience writing technical documentation.
  • Holds or working toward one or more including: CCSP, CISSP, AWS Certified Cloud Practitioner or additional AWS advanced certifications such as, AWS Certified Security – Specialty or AWS Certified DevOps Engineer.

Position opens September 4, 2023. To review required knowledge, skills, and abilities for this position and to submit an application, please visit AA/EOE