Sr. Analyst, Cybersecurity Operations focused on cloud security. As a key player in our Cloud Assurance team, you will help provide comprehensive visibility into cloud infrastructures, monitor for misconfigurations, and proactively detect threats.
Essential Responsibilities:
- Independently apply security best practices to enhance and optimize cyber threat management, ensuring robust protection and efficiency, while beginning to understand and align security measures with business objectives.
- Partner with peers and internal teams to drive security initiatives, contribute to cross-functional projects, and at times co-lead efforts to strengthen security posture and cyber threat management.
- Analyze and resolve security challenges by adapting standard cyber threat management processes and exploring alternative approaches to address complex threats.
- Influence the quality, efficiency, and effectiveness of the team through informed decision-making, with a potential impact on other teams.
- Collaborate with key partners to gather and incorporate feedback, driving continuous improvements in cyber threat management.
Minimum Qualifications:
- Minimum of 5 years of relevant work experience and a Bachelor's degree or equivalent experience.
Your day to day:
This role will be focused primarily on security in AWS and GCP cloud environments at PayPal. This will include the security aspects of infrastructure, build pipelines, application design, cloud native service and tool design patterns, stakeholder communications, consulting and advisement of peer security teams, and solution review and approval. Daily tasks will include, but are not limited to:
- Onboarding Cloud accounts (such as Azure, AWS & GCP) – this includes granting access, enabling policies, configuring baselines, configuring agents (if applicable), and verifying health status
- Administer CSPM solution – this includes managing user roles, audit logs, and API access
- Discover cloud assets – this includes gaining visibility into and managing cloud assets
- Manage Security policies and Benchmarks – this includes configuring CSP-specific security policies, industry-specific compliance policies (such as PCI), and benchmark standards (such as CIS, NIST, etc.)
- Respond to alerts – this includes monitoring, investigating and triaging incidents based on actionable alerts
- Manage OS hardening – this includes administering the operating system baseline and hardening
- Integration with 3rd party systems – this includes managing changes and requests for integration with other systems (such as ITSM and CI/CD Tools)
- Remediation guidance – this includes providing recommendations to the stakeholders to fix the potential threats, and applying configurations on the systems to maintain IT security regulatory compliance and standards
- Manage reports – this includes providing reports to the business and IT stakeholders
What do you need to bring:
- 5+ years’ experience in Cloud Security, CSPM
- Collaborate with the team to design and deliver scalable back-end services that enhance our leading CSPM platform
- Develop user-friendly command-line utilities that interact with our web services
- Excellent communication and documentation skills
- Provide integration support and documentation for various teams, including UX/UI and Sensors
- Configure and monitor uptime alerts related to the services you manage
- Continuously improve architecture, models, user experience, performance, and stability through rapid prototyping and agile decision-making
- Innovate and refine methods to utilize data for automating global-scale cyber threat intelligence
- Contribute to building a platform that secures the entire lifecycle of cloud workloads for our customers
- Proficiency in at least one object-oriented programming language with strong typing
- Experience in developing and using RESTful API web services
- Familiarity with cloud provider APIs and CLI tools for AWS, Azure, and GCP
- Experience with infrastructure-as-code tools like CloudFormation, Terraform, and Azure Templates
- Hands-on experience with Docker containers in Kubernetes environments
- Experience with message queues including defining messages, estimating sizes and rates, and monitoring lag
- Experience with RDBMS databases and SQL, such as Postgres
Preferred certifications:
- Cloud Security related certifications (AWS, GCP)
- Bachelors / Master’s Degree in Computer Science / Cybersecurity or related field
Bonus Points:
- Industry experience or certifications related to CNAPP, CSPM, or Cloud Security
- Experience with application observability tools such as Splunk and PagerDuty
- Experience managing production environments with Postgres, Kubernetes etc.
- Familiarity with graph structures, data, and graph databases
- Compliance knowledge/experience
- Automation
Travel Percent:
The total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .
The US national annual pay range for this role is $111,500 to $191,950
Our Benefits:
Any general requests for consideration of your skills, please