We, XDuce Corporation, are a leading IT company specializing in turnkey projects across Application Development Data Integration Mobility Cloud Services. Our client, a leading (PublishingProfessional Association ) company is looking for Cloud Security Analyst. The Cloud Security Analyst will assist in the daily support of the cloud security technology for protecting client and intellectual data for all cloudhybrid solutions for the Company. This position will directly contribute to the overall companies security program and will lead the use of cloud security technology to protect company's data and applications mdash this includes monitoring, reporting and the auditing of security controls. The role reports to the Manager, Information Security and manages 0 direct reports. 0 direct rep Key Responsibilities Specific duties include but not limited to Act as subject matter expert (SME) on cloud security issues. Design, develop, review and build security architectures for public, private, and hybrid Cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers. Identify, design and deploy solutions to secure cloud usage, whether cloud-native or COTS solutions. Communicate IT security related programs and issues to management, as appropriate. Design, develop and implement cloud security standards. Recommends security system architecture solutions based on industry best practices. Conduct audits, assessments, penetration tests and coordinate remediation activities. Provide direct support to IT staff for security-related issues. Ensure compliance with security policies, standards, and procedures. Coach other teams about cloud security-relevant technologies, processes and tools. Assists with the investigation of security incidents, recommends and implements solutions to remediate or mitigate them. Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in cloud environments. Implement and maintain automated and flexible detection and response programs. Collect security-related operational metrics through automation and increase security visibility across the organization measure the coverage and effectiveness of security tools transparency over the security state of the Cloud). Maintains current knowledge of relevant security and privacy trends. Education Bachelor of Science degree in Cybersecurity, Information Security, Computer Science, or related field required required Work Experience 5+ years of hands-on experience with Cloud platforms (AWS, Azure, etc.) required 3+ years of hands-on experience implementing and managing cloud security tools required Experience conducting and mitigating securityrisk assessments preferred Experience with implementing and enforcing policies, procedures and guidelines in a complex environment preferred. Licenses and Certifications Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) required Skills and Requirements Knowledge or familiarity with cloud security concepts, technologies, and best practices, including but not limited to, automation frameworks (Ansible, Terraform, Chef, Salt, Puppet, etc.), securing containers and container orchestration frameworks, Active Directory, LDAP, Federated SSO, One-Time Password (OTP) technology, SSL, encryption, IDSIPS, SIEM, malware detection, forensics in a cloud environment, network and web app firewalls. Offensive Security-oriented mindset (threat-modeling, vulnerability assessments, pen testing, etc.) Fluent in one or more programmingscripting languages (Python preferred, but not required) Ability to work independently managing multiple deadlines and deliverables Highly disciplined in how resources are used designs and champions ideas to drive efficiency Working understanding of information security standards, guidelines and frameworks such as NIST, COBIT or PCI. Understanding of, and ability to communicate, security and risk implications to technical and non-technical audiences Must demonstrate ability to perform and respond well in crisis situations Must have strong experience with Security monitoring and auditing tools Encryption systems Data protection practices to maintaining regulatory or legal compliance General security, incident response and management Ability to work alone and build relationships across the organization. Anticipates problems and identifies long-term implications of decisions and actions.