Cloud Security Analyst

About the Role

Day-to-day, you will work closely with the engineering and DevOps teams to ensure that security is integrated into every aspect of the cloud-based systems. You will also collaborate with cross-functional teams to drive security initiatives and ensure that the company's security posture is aligned with industry best practices.

Cloudbeds is a fully remote company, and as such, you will have the opportunity to work with a global team of innovators who are passionate about transforming the hospitality industry. The company's security team is responsible for ensuring the security and compliance of all cloud-based systems, and as a Cloud Security Analyst, you will play a critical role in this effort.

What You Will Do

• Embed security into CI/CD pipelines, partnering with DevOps and Engineering to shift security left
• Architect, implement, and maintain cloud-native security controls, configurations, and policies
• Manage Identity and Access Management (IAM) policies, enforcing least privilege across cloud accounts
• Implement and manage container and Kubernetes security tooling
• Monitor cloud infrastructure for threats and anomalies and triage alerts across platforms
• Conduct cloud vulnerability assessments and drive remediation alongside engineering teams
• Oversee application security operations, including code analysis tooling and remediation workflows
• Support incident response and forensics in cloud environments, including scenario testing and runbook updates
• Author and maintain clear, thorough security documentation, standards, and runbooks
• Collaborate with cross-functional teams and multi-level stakeholders to drive security initiatives company-wide
• Participate in implementation and ongoing monitoring of security tooling at all edges of the security landscape

What We Are Looking For

• 5 years of practical experience in cloud or application security
• Hands-on experience securing application stacks deployed in the cloud
• Strong experience with AWS security services and the ability to design and implement cloud-native security controls
• Experience with security frameworks and compliance regulations, such as PCI Level 1
• Excellent communication and collaboration skills, with the ability to work with cross-functional teams
• Strong technical skills, including experience with cloud-based systems, containers, and Kubernetes
• Experience with security tooling, such as endpoint detection platforms and vulnerability scanning tools
• Ability to work in a fast-paced, dynamic environment and adapt to changing priorities

Nice to Have

• Experience with AI-powered security solutions and machine learning-based security tools
• Knowledge of cloud-based security platforms, such as AWS Security Hub and Google Cloud Security Command Center
• Experience with compliance initiatives, such as SOC 2 and ISO 27001
• Certification in cloud security, such as AWS Certified Security - Specialty or Google Cloud Certified - Professional Cloud Security Engineer

Benefits and Perks

• Competitive salary and benefits package
• Opportunity to work with a global team of innovators who are passionate about transforming the hospitality industry
• Fully remote work environment, with flexible working hours and the ability to work from anywhere
• Professional development opportunities, including training and certification programs
• Access to the latest cloud-based security tools and technologies
• Collaborative and dynamic work environment, with a strong focus on teamwork and innovation
• Recognition and rewards for outstanding performance and contributions to the company's success
• Comprehensive health and wellness programs, including mental health support and employee assistance programs
• Generous paid time off and vacation policy, with the ability to recharge and relax
• Remote stipend and equipment allowance, to help you set up your home office and stay productive

• Tip: Make sure you have a strong understanding of cloud security and compliance, as well as experience with AWS security services and cloud-native security controls.
• Be prepared to provide specific examples of your experience with security frameworks and compliance regulations, such as PCI Level 1.
• Highlight your ability to work collaboratively with cross-functional teams and communicate technical information to non-technical stakeholders.
• Show that you are proactive and willing to learn, with a strong desire to stay up-to-date with the latest cloud-based security tools and technologies.
• Be prepared to provide examples of your experience with security tooling, such as endpoint detection platforms and vulnerability scanning tools.
• Tip: Make sure your resume and cover letter are tailored to the specific requirements of the role, with a focus on cloud security and compliance.
• Be prepared to negotiate your salary and benefits package, and make sure you have a clear understanding of the company's expectations and requirements.